How organisations deal with complex cyber attacks

Increasingly sophisticated cyber-attacks mean businesses need innovative ways of handling advanced threats

Where the organisation is concerned, the CISO must learn the language of the boardroom (risk) and earn their seat there. This must happen for funding to flow and for security to align to the business; the c-suite must care about security as much as they do about other forms of risk, like operational, legal and financial risk.

Finally, the practice of security needs to be more agile with a focus on metrics that value most highly the carbon-based intelligence and wisdom and maximise its use in a company. "Automation isn't going to be an AI that just 'does security for you' but it can make the lives of practitioners better and faster and quicker to adapt," adds Curry.

Complex attacks require careful analysis

The increasing intricacy of cyber-attacks has increasingly led companies towards using predictive security -- and human analytics plays a large part in this.

"Cyber criminals are smart people and should be countered by equally knowledgeable analytics teams that seek to understand the complexity of threats and how to combat them, to listen to the chatter and use that to move away from being reactive," says Rory Duncan, head of security at Dimension Data. "The ability to deconstruct and reconstruct attacks to identify what has happened in breaches, before and after attacks, is vital."

Complex cyber-attacks are run by humans and attempt to deploy psychological techniques in tandem with technology, which is why knowledge of vulnerabilities and being able to anticipate them is key for setting up a proper defence.

"One example is the protection of emails going to HR and accounts specifically, because they're constantly required to open attached job applications and invoices respectively, from people they don't know. Attackers are well aware of this, so specifically target HR and accounts. Common sense beats machine learning in this area," says Wieland Alge, VP and GM for Barracuda.

The role of artificial intelligence

AI can provide notable cyber-security advantages compared to a human being's ability to combat threats.

"AI could also be valuable for developing solutions for a range of industries, harnessed in such a way that it understands user and network behaviour, comprehends business context through self-learning over time, and reacts to any deviations from the norm in real-time," says Tristan Liverpool, director of systems engineering at F5 Networks.

Machine learning shortens the time it takes to spot something strange happening on a network, but it can't tell you exactly what's wrong, according to Gary Evans, CTO at Reliance.

"You need good people to dig deeper and understand if it's a real threat or not. Spotting the anomalies are difficult for people thanks to the vast quantities of data and events organisations typically produce, this is where ML really excels. But we absolutely still need skilled analysts to investigate and quantify the anomalies," he says.

Main image credit: Bigstock

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Windows 11 has problems with Oracle VirtualBox
Microsoft Windows

Windows 11 has problems with Oracle VirtualBox

5 Oct 2021