Four strategies organisations are using to combat cyber attacks

AI, machine learning, technical integration and flexible tools are leading the way


As cyber threats continue to grow in frequency and severity, traditional approaches to security have become less effective.

That's because the bots behind these growing threat levels are becoming smarter. They're now able to scour the internet for vulnerable applications and deceive even the most advanced firewalls. Blocking all bots, however, is not an option (even if it were possible), as they have become an integral component of the internet, improving customer experience by helping users achieve what they want to do. And with security strategies struggling to differentiate between the good bots and the bad bots, everyone is a target.

Newer technologies such as layered and endpoint security are coming forward as important ways to shore up defences and prevent headline-grabbing data leaks and ransomware attacks.

But what are organisations doing to combat the growing number and complexity of attacks? Here are four key strategies that are leading the battle for cyber threat detection and prevention.

AI and machine learning

Everyone is talking about AI and machine learning, and it can be hard to establish the practical applications around the buzz. Despite this, both AI and machine learning are emerging as leading technologies in security, with the potential to practically transform the landscape in the next few years.

Endpoint security technologies are beginning to use machine learning to ensure that applications are running securely by monitoring deviations from 'known good' code activity. Historically, this has been difficult to do due to the sheer quantity of data involved in various systems, but it is now getting easier to reliably and cost-effectively collect and analyse data in the cloud to spot patterns using machine learning.


Vendors are also incorporating artificial intelligence and machine learning into their security products to identify patterns of behaviour that are normal, as opposed to threatening.

Traffic management tools that employ machine learning, such as web application firewalls (WAF), can now quickly build and implement mitigations that help address new and evolving threats. Many even provide advanced bot management capabilities that can help alleviate security concerns by accurately distinguishing between human and machine users. While they are not entirely foolproof, WAFs provide enough of a barrier to dissuade bots from targeting your applications. Instead, the bots move on in search of weaker prey.  

Technical integration

Some of the competing technologies in the market are consolidating, which will ultimately lead to more breadth and depth of protection from single products, and therefore more effective security suites.

Prevention-focused tools such as anti-malware and application integrity protection are beginning to pull in detection-focused capabilities such as endpoint visibility and control, user behaviour monitoring and analytics.


Technical integration from consolidation can only be beneficial to organisations looking to make their security tools easier to manage and more effective in detecting and preventing attacks.

Merging existing and new technologies

They may be increasingly seen as outdated, but anti-malware, patch management and secure configuration management are still widely adopted due to legislation such as the Data Protection Act (and its incoming replacement, GDPR) as well as industry regulations. Security buyers complain that these technologies are ineffective against advanced attacks, but are required nonetheless.

Merging old technologies with modern technologies such as machine learning and artificial intelligence provides the benefits of security automation and the prevention of new, unknown threats. Certainly when it comes to cyber security, there's no such thing as too much protection.

Passive inspection technology, which limits the impact on the application, is also available: signatures, DNS checks and browser capabilities can be equipped to form an intelligence-enabled, defense-in-depth strategy that goes a long way to enhancing security.

Automated browsing defenses can be deployed which enhance traditional security methods by including behavioural analytics and device 'fingerprints'. These help to initially identify and catalogue non-human browsers, even if IP information changes.
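
To make the fingerprint-plus-behaviour idea concrete, the following added example (not code from this article or from any vendor product) catalogues clients by a hash of stable browser attributes rather than by IP address, then flags those with machine-like request timing or IP rotation. The attribute field names, thresholds and sample traffic are assumptions constructed for illustration.

```python
import hashlib
import statistics
from collections import defaultdict
# Client attributes assumed to be collected at the edge (hypothetical field names).
FP_FIELDS = ("user_agent", "accept_language", "screen", "timezone", "fonts_hash")

def device_fingerprint(attrs):
    """Hash stable client attributes; the source IP is deliberately excluded."""
    material = "\x1f".join(str(attrs.get(f, "")) for f in FP_FIELDS)
    return hashlib.sha256(material.encode()).hexdigest()[:16]

def catalogue(events):
    """Group requests by fingerprint, recording timestamps and every IP seen."""
    seen = defaultdict(lambda: {"ips": set(), "times": []})
    for ev in events:
        entry = seen[device_fingerprint(ev["attrs"])]
        entry["ips"].add(ev["ip"])
        entry["times"].append(ev["ts"])
    return seen

def flag_non_human(events, min_requests=5, max_jitter=0.05, max_ips=2):
    """Return {fingerprint: [reasons]}; thresholds are illustrative assumptions."""
    flagged = {}
    for fp, entry in catalogue(events).items():
        times = sorted(entry["times"])
        reasons = []
        if len(times) >= min_requests:
            gaps = [b - a for a, b in zip(times, times[1:])]
            # Humans click irregularly; near-constant gaps suggest a scripted client.
            if statistics.pstdev(gaps) <= max_jitter:
                reasons.append("regular-timing")
        if len(entry["ips"]) > max_ips:
            reasons.append("ip-rotation")
        if reasons:
            flagged[fp] = reasons
    return flagged

# Constructed sample traffic: one scripted client rotating IPs, one human visitor.
BOT = {"user_agent": "Mozilla/5.0 (X11; Linux x86_64)", "accept_language": "",
       "screen": "800x600", "timezone": "UTC", "fonts_hash": "0"}
HUMAN = {"user_agent": "Mozilla/5.0 (Windows NT 10.0)", "accept_language": "en-GB",
         "screen": "1920x1080", "timezone": "Europe/London", "fonts_hash": "a91c"}
SAMPLE = [{"ip": f"198.51.100.{10 + i % 3}", "ts": 100.0 + i, "attrs": BOT}
          for i in range(6)]
SAMPLE += [{"ip": "203.0.113.7", "ts": t, "attrs": HUMAN}
           for t in (101.0, 104.2, 111.9, 113.0, 127.5)]

if __name__ == "__main__":
    print(flag_non_human(SAMPLE))
```

Because the key is the fingerprint, the scripted client stays a single catalogue entry across all three source addresses, which a per-IP rate limit would have counted as three low-volume visitors.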

Flexible endpoint solutions

User and application behaviour monitoring have usually been performed in isolation by separate technologies, but the two are beginning to integrate in ways that are offering businesses more advanced insight into future solutions.


Cloud technology is helping with this, as endpoint protection platforms that consolidate security in the cloud make it much easier to prevent, investigate and search for potential threats and vulnerabilities through a common, cloud-delivered platform.

Some cloud security platforms are integrating artificial intelligence and predictive technologies, which are able to learn from normal endpoint activity patterns to quickly spot evolving attacks and identify where they originated.

With these integrations, and the continuous use of intelligent automation via AI, future security suites will be able to automatically identify malicious user and application behaviour and contain it without the involvement of skilled security analysts.
