By Jaspreet Singh
In an era of digital disruption where Internet of Things (IoT) and mobility are invading IT perimeters, artificial intelligence is emerging as the future of cybersecurity. With the expansion of the modern threat landscape, the inclusion of AI in the security strategy has become imperative for the establishment and maintenance of an effective security posture. Given the urgent need for protecting both data and high-value assets, organisations have started incorporating elements of machine learning and AI.
With a series of investments, a raft of new products, and a rising tide of enterprise deployments, artificial intelligence is making a splash in the IoT ecosystem. Large organisations across sectors are already exploring and leveraging the power of AI with IoT to deliver new offerings and operate more efficiently. This integration has helped the organisations and security personnel in reducing false alerts received from various systems, thereby increasing the efficiency of the security teams. It also provides greater investigation efficiency and is helpful in the detection and mitigation of modern attacks.
The essence of IoT is dependent on obtaining information from associated gadgets and utilizing that information for a significant purpose, which incorporates empowering individuals and associated gadgets to make a move reliant on the analyzed and visualized information. As IoT devices generate vast amounts of data, AI will be functionally necessary to deal with these huge volumes to decipher intelligence from this raw data. Further, AI based IoT applications and devices enable companies to avoid unplanned downtime, increase operating efficiency, spawn new products and services, and enhance risk management.
AI will further help organisations in automating and detecting attacks and reacting to breaches. On the access control front with the integration of systems, multi-factor authentication, and pattern recognition, AI is helping to identify possible threats and improving the overall security stature. AI is being leveraged to recognize patterns of use by personnel and subsequently raise an alert of a possible insider threat. AI is also catering to both post event processing and real time analysis for identifying patterns in data sets, running predictive analytics, responding quickly to conditions and building up knowledge of decisions about those events.
With all benefits, however, come substantial risks. While the organisations are adopting AI to bolster their security efforts, cybercriminals have also resorted to approaches to ease out their way into malicious exploitation of vulnerabilities. Because of the developing number and assortment of IoT gadgets entering system foundations, cybercriminals have the chance and ability to dispatch quick, complex assaults that these innately defenseless gadgets act as entryways into corporate systems, which may go undetected for a long time. Further, hackers are increasingly turning to AI to help them evade detection and are also using AI to automate target selection. Hackers also aim to use artificial intelligence tools to scrub social media for personal data that could be used to customize emails in spear-phishing attacks. The list of how AI can be exploited is endless, however, organisations are trying to get an upper hand over AI which can be used to spot and block such malicious activity.
Organisations are starting to utilize AI and IoT to open an incentive from expansive volumes of advanced information. With machine learning embedded into an IoT environment, organisations are aiming to get more ‘connected intelligence’. IoT and AI combined could be the trigger to drive smart city business cases by building not only a connected city, but also a connected intelligent city. This evolution will not come easily. Artificial intelligence solutions require a great deal of backend infrastructure and massive computation power. This however, should not be the holding factor as IoT and AI are the game-changers and there is enough potential for professionals to innovate further. In conclusion, companies need to approach AI, IoT and cybersecurity from two perspectives: protecting their own AI enabled IoT initiatives and using AI based cybersecurity approaches to protect their assets from cyber-attacks.
The author of the article is the Partner – Cyber Security at EY.