The attack surface within the cybersecurity landscape is ever expanding and gaining in complexity, meaning that today, the securing and tracking of sensitive data is of the utmost importance – perhaps more than ever before, Gideon Viljoen, Datacentrix Presales Specialist: ICT Security says.
“In fact,” the ICT Security exec at the leading hybrid ICT systems integrator and managed services provider, Datacentrix, says, “with the introduction of legislation such as the Protection of Personal Information Act (POPIA), organisations can be penalised for not taking every conceivable measure to ensure data is protected and secured.
“Add to this the fact that businesses are moving from an on-premise environment to the cloud, allowing users access to data sets and information to be used for daily activities, and it’s clear that it is becoming increasingly challenging to control and protect information.”
Cybersecurity: The global reality
Viljoen explains that all these challenges are further exacerbated by the current global shortage of cybersecurity skills, which is a serious growing concern.
“Maintaining control and an audit trail of cybersecurity activities can be daunting and expensive if you are investing in human resources to manage and maintain this on your behalf. And it’s not just the skilling up of cybersecurity staff that is a challenge – retaining knowledgeable staff is another problem area, as experts in this field are frequently poached by the highest bidder.
“Furthermore, with the sheer amount of data flowing through our organisations on a daily basis, with millions, if not sometimes billions, of alerts and notifications pinging through, ‘alert fatigue’ has become a real challenge. Unfortunately, this can equate to significant threats sometimes being missed due to the ‘noise’ of it all, as it becomes more difficult to identify actionable threats from false positives.”
This being said, Mimecast’s 7th Annual State of Email Security Report offers some optimism amongst all of these worries, stating that artificial intelligence (AI) and machine learning (ML) are helping under-resourced cybersecurity teams stay ahead of the curve, Viljoen says.
The report states that 92 per cent of companies are either using or plan to use AI and ML to bolster their cybersecurity. Forty-nine per cent of those surveyed are already using some combination of these technologies (compared to 46 per cent last year and just 38 per cent the year before). It also says that, amongst the companies already using AI/ML, more accurate threat detection (50 per cent), an improved ability to block threats (49 per cent), and faster remediation when an attack has occurred (48 per cent) are viewed as the three biggest benefits.
In addition, most SOES participants (81 per cent) agree that AI systems that are able to provide real-time, contextual warnings to email and collaboration tool users would be a huge boon. Twelve per cent went so far as to say that the benefits of such a system would revolutionise the ways in which cybersecurity is practised.
“The use of AI and ML technologies and techniques” Viljoen says, “can assist the human resources with the ‘heavy lifting’ of sifting through the data, analysing it much faster, making a decision based on collected artefacts, and only requiring human interaction for the verification of the presented artefacts.
“AI and ML toolsets are becoming extremely useful for our everyday lives and businesses alike, helping to combat alert fatigue, decrease false positives, automate repetitive tasks and improve the quality of alerts to the human for verification.He explains that “these valuable tools play an important supporting role, assisting cybersecurity professionals to do more with less and allowing them to deliver peace of mind in an ever-changing world.”