Artificial intelligence and machine learning in cybersecurity prove to be hot topics amongst security professionals and they’re looking to spend more on tools that can do those very tasks, according to the 11th Cisco 2018 Annual Cybersecurity Report.
According to the report, machine learning is able to help enhance network security and defences by learning how to detect unusual traffic patterns in cloud and IoT environments.
That technology is in hot demand, particularly as the volume of legitimate and malicious web traffic grows. According to Cisco statistics from October 2017, 50% of web traffic is encrypted. Over a 12-month period, Cisco researchers also spotted a threefold increase in malware samples that used encrypted network communication.
Network encryption is causing challengers for defenders who are trying to identify and monitor any potential threats – however security professionals are eager to adopt machine learning.
While machine learning comes with drawbacks such as false positives, security professionals realise that machine learning and AI technologies are still in their infancy.
The report also found that more than half of all cyber attacks result in financial damages of more than US$500,000 (AU$637,630) including lost revenue, customers, opportunities and out-of-pocket costs.
Security solutions are becoming numerous and complex as the scope of breaches expands. Defenders are now using a ‘complex’ mix of products from a cross-section of vendors.
In 2017, 25% of security professionals said they used products from 11-20 vendors. They also said that 32% of breaches affected more than half of their systems.
Cyber attackers are also quick to recognise the value of security holes and they are exploiting the lack of advanced security on cloud platforms.
While 57% of security professionals say they host data in the cloud because it has better data security, attackers are also taking advantage of the fact that security teams are having difficulty defending cloud environments that are evolving and expanding.
Cisco says that a combination of best practices, advanced security technologies such as machine learning and first-line-of-defence tools could help protect cloud environments.
"Last year's evolution of malware demonstrates that our adversaries continue to learn," comments Cisco’s senior VP and chief security and trust officer, John N. Stewart.
"We have to raise the bar now – top down leadership, business led, technology investments, and practice effective security – there is too much risk, and it is up to us to reduce it."
The survey polled 3,600 chief security officers (CSOs) and security operations (SecOps) managers from 26 countries.
Other findings from the report:
Supply chain attacks are increasing in velocity, complexity
Use of cloud is growing; attackers taking advantage of the lack of advanced security
Trends in malware volume have an impact on defenders' time to detection (TTD)
Additional Recommendations for Defenders: