Intelligent CISO Issue 67 | Page 68

To effectively adopt behavioural-driven AI capability, foundational security based on already proven technologies must be strong.
solutions that have come to market. While good, they are exactly that – niche solutions with a narrow focus. They only address a small proportion of a particular type of problem. Threats are ever-changing as criminals are constantly deploying fresh techniques to deceive.
Endpoint threats
Threats don’t always come from emails alone. There are endpoints such as browsers and webpages, third-party document sharing solutions, network access control systems, sandboxing, encryption and many more, that can also be breached. So, measures such as antivirus protection, network traffic monitoring, vulnerability management and so on are crucial.
In such situations, applying existing technologies such as Natural Language Processing and Machine Learning is extremely effective. In fact, today these techniques are widely deployed to help stop zero-day malware and ransomware activity that is not necessarily file-based. Data from these technologies is also needed to train the newer AI technologies.
Behavioural-driven, AI-led security
Embedding behavioural-driven, AI-led security presents an effective solution to a multi-layered approach to cybersecurity – from the first-stage reconnaissance activity that criminals initiate, i.e. phishing, through to ransomware and the signature-less, ‘never before seen’ zero-day attacks.
Fundamental to deploying such technology is access to vast volumes of data that include all versions of AI formats for every aspect of security – from sandboxing, endpoint and process monitoring through to malware and deep link phishing detection and user data baselining.
After all, at its core, what is AI? Essentially it is a massive search engine that provides information by using natural language to surface insights for a rounded picture of what is happening in an enterprise’s environment and where it needs to focus to pre-empt security breaches.
Enterprises looking to deploy behavioural-driven security must ensure that the data input for the AI engine includes accurate internal and external data. For example, if employees’ email behaviour is only analysed based on usage at the current organisation and in niche areas – links, executables, bad files, macros and such – it greatly limits the ability of the AI Business Email Compromise solution to provide an accurate picture of online behaviour.


Besides, say a new starter receives a novel phishing link that the enterprise