Four strategies organisations are using to combat cyber attacks

AI, machine learning, technical integration and flexible tools are leading the way


As cyber threats continue to grow in frequency and severity, traditional approaches to security have become less effective.

That's because the bots behind these rising threat levels are becoming smarter. They're now able to scour the internet for vulnerable applications and deceive even the most advanced firewalls. Blocking all bots, however, is not an option (even if it were possible), as they have become an integral component of the internet, improving customer experience by helping users achieve what they want to do. And with security strategies struggling to differentiate between the good bots and the bad bots, everyone is a target.

Newer technologies such as layered and endpoint security are coming forward as important ways to shore up defences and prevent headline-grabbing data leaks and ransomware attacks.

But what are organisations doing to combat the growing number and complexity of attacks? Here are four key strategies that are leading the battle for cyber threat detection and prevention.

AI and machine learning

Everyone is talking about AI and machine learning, and it can be hard to establish the practical applications amid the buzz. Despite this, both AI and machine learning are emerging as leading technologies in security, with the potential to practically transform the landscape in the next few years.

Endpoint security technologies are beginning to use machine learning to ensure that applications are running securely by monitoring deviations from 'known good' code activity. Historically, this has been difficult to do due to the sheer quantity of data involved in various systems, but it is now getting easier to reliably and cost-effectively collect and analyse data in the cloud to spot patterns using machine learning.

Vendors are also incorporating artificial intelligence and machine learning into their security products to identify patterns of behaviour that are normal, as opposed to threatening.

Traffic management tools that employ machine learning, such as web application firewalls (WAF), can now quickly build and implement mitigations that help address new and evolving threats. Many even provide advanced bot management capabilities that can help alleviate security concerns by accurately distinguishing between human and machine users. While they are not entirely foolproof, WAFs provide enough of a barrier to dissuade bots from targeting your applications. Instead, the bots move on in search of weaker prey.  

Technical integration

Some of the competing technologies in the market are consolidating, which will ultimately lead to more breadth and depth of protection from single products, and therefore more effective security suites.

Prevention-focused tools such as anti-malware and application integrity protection are beginning to pull in detection-focused capabilities such as endpoint visibility and control, user behaviour monitoring and analytics.

Technical integration from consolidation can only be beneficial to organisations looking to make their security tools easier to manage and more effective in detecting and preventing attacks.

Merging existing and new technologies

They may be increasingly seen as outdated, but anti-malware, patch management and secure configuration management are still widely adopted due to legislation such as the Data Protection Act (and its incoming replacement, GDPR) as well as industry regulations. Security buyers complain that these technologies are ineffective against advanced attacks, but are required nonetheless.

Merging old technologies with modern technologies such as machine learning and artificial intelligence provides the benefits of security automation and the prevention of new, unknown threats. Certainly when it comes to cyber security, there's no such thing as too much protection.

Passive inspection technology, which limits the impact on the application, is also available: signatures, DNS checks and browser capabilities can be equipped to form an intelligence-enabled, defense-in-depth strategy that goes a long way to enhancing security.

Automated browsing defenses can be deployed which enhance traditional security methods by including behavioural analytics and device 'fingerprints'. These help to initially identify and catalogue non-human browsers, even if IP information changes.

Flexible endpoint solutions

User and application behaviour monitoring have usually been performed in isolation by separate technologies, but the two are beginning to integrate in ways that are offering businesses more advanced insight into future solutions.

Cloud technology is helping with this, as endpoint protection platforms that consolidate security in the cloud make it much easier to prevent, investigate and search for potential threats and vulnerabilities through a common, cloud-delivered platform.

Some cloud security platforms are integrating artificial intelligence and predictive technologies, which are able to learn from normal endpoint activity patterns to quickly spot evolving attacks, and identify where they originated.

With these integrations, and the continuous use of intelligent automation via AI, future security suites will be able to automatically identify malicious user and application behaviour and contain it without the involvement of skilled security analysts.
