How organisations deal with complex cyber attacks

Increasingly sophisticated cyber-attacks mean businesses need innovative ways of handling advanced threats

Where the organisation is concerned, the CISO must learn the language of the boardroom (risk) and earn their seat there. This must happen for funding to flow and for security to align to the business; the c-suite must care about security as much as they do about other forms of risk, like operational, legal and financial risk.

Finally, the practice of security needs to be more agile with a focus on metrics that value most highly the carbon-based intelligence and wisdom and maximise its use in a company. "Automation isn't going to be an AI that just 'does security for you' but it can make the lives of practitioners better and faster and quicker to adapt," adds Curry.

Complex attacks require careful analysis

The increasing intricacy of cyber-attacks has increasingly led companies towards using predictive security -- and human analytics plays a large part in this.

"Cyber criminals are smart people and should be countered by equally knowledgeable analytics teams that seek to understand the complexity of threats and how to combat them, to listen to the chatter and use that to move away from being reactive," says Rory Duncan, head of security at Dimension Data. "The ability to deconstruct and reconstruct attacks to identify what has happened in breaches, before and after attacks, is vital."

Complex cyber-attacks are run by humans and attempt to deploy psychological techniques in tandem with technology, which is why knowledge of vulnerabilities and being able to anticipate them is key for setting up a proper defence.

"One example is the protection of emails going to HR and accounts specifically, because they're constantly required to open attached job applications and invoices respectively, from people they don't know. Attackers are well aware of this, so specifically target HR and accounts. Common sense beats machine learning in this area," says Wieland Alge, VP and GM for Barracuda.

The role of artificial intelligence

AI can provide notable cyber-security advantages compared to a human being's ability to combat threats.

"AI could also be valuable for developing solutions for a range of industries, harnessed in such a way that it understands user and network behaviour, comprehends business context through self-learning over time, and reacts to any deviations from the norm in real-time," says Tristan Liverpool, director of systems engineering at F5 Networks.

Machine learning shortens the time it takes to spot something strange happening on a network, but it can't tell you exactly what's wrong, according to Gary Evans, CTO at Reliance.

"You need good people to dig deeper and understand if it's a real threat or not. Spotting the anomalies are difficult for people thanks to the vast quantities of data and events organisations typically produce, this is where ML really excels. But we absolutely still need skilled analysts to investigate and quantify the anomalies," he says.

Main image credit: Bigstock

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
Hackers are using fake messages to break into WhatsApp accounts
instant messaging (IM)

Hackers are using fake messages to break into WhatsApp accounts

8 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021