Story image

Machine learning is a tool and the bad guys are using it

20 Feb 2019

On Friday, Chillisoft’s inaugural CybersecCon was held in Auckland to a crowd of MSPs and cybersecurity professionals from across New Zealand, but the overarching message of the conference was global - we need data analysis and the machine learning that enables it for any good cybersecurity strategy.

The event’s keynote speaker was KPMG NZ CIO Cowen Pettigrew who outlined the need for a new, concentric approach to securing an organisation.

“Outside in, and inside out. Everything has an IP address. Trust is not a given so you need to form a data-driven, concentric view,” he begins.

A concentric view, we learn, is one that not only considers the data that is coming into an organisation but also that which is leaving - for every layer of protection against infiltration, you need the equivalent protections against exfiltration.

Pettigrew recognises that there are significant barriers when it comes to trying to implement a data-driven strategy, which is where the technology of the day comes in.

“You’ll never have enough staff or the necessary skills on tap so form a data concentric model and invest in machine learning technology… Our model is designed to provide a centralised data warehouse that supports the ability for machine learning and AI-based tools, alongside our human data scientists, to interrogate and visualise the data at speed, as needed. Now, having built the architecture, our 2019 roadmap is to embed our enterprise application suites and make some choices.”

This is not an easy task to perform, even with the resources of KPMG, Pettigrew and his team have taken around 12 months to get to where they are now, and going forward it is only going to get more difficult as they begin to integrate a complex array of applications.

“Create data integration functionality within local API's to develop a single pane of glass and avoid what I call islands of integration on disconnected applications,” he advises. 

“All over the place, I'm seeing all kinds of problems with an inability for applications to talk. Also, real-time information sharing means we can leverage the strength of the global cybersecurity knowledge.”

To build on Pettigrew’s advocation for machine learning, ESET’s Slovakia-based CTO Juraj Malcho addressed the crowd after winging all the way to New Zealand.

Malcho spoke about the mass perception of AI and machine learning, and how people are being conditioned to fear it before they even know what it is.

“Typically, people like destruction and problems,” Malcho points out.

“They listen to or read the news and are looking for war or conflict. I don't know why we're programmed this way but it's so easy to exploit this behaviour. So, what is artificial intelligence to these people? They think it’s mysterious, it's intangible, and it's evil. But really it’s mathematics. It's not something that came out of outer space, it was invented by humans. It doesn’t even feed itself inputs.”

Malcho’s presentation was not about trying to panic anyone and not about trying to sell any solutions, but about helping cybersecurity experts realise that the other guys can innovate too and so we need to get over the panic around AI.

Today, a phishing scam will be targeted at someone, by someone - but tomorrow, a machine might use our online or breached data to do that work at scale, automatically.

“If you have automation, you can make it a problem for everyone, that’s the difference, that’s the problem I see with AI/ML today. Yes, one person might go after a CEO or CFO, and so on, but it's expensive and it takes time. But what if a machine does it for you? And you can add everyone, every Grandma, every person on this planet? Then almost everyone will be under a sophisticated or semi-sophisticated attack.”

Keeping ourselves, our organisations, and our friends and family safe is becoming increasingly difficult.

What Pettigrew and Malcho are saying is that we need to remember that those people looking to take our data or money do not share the concerns we have when it comes to using new tech.

Container survey shows adoption accelerating while security concerns remain top of mind
The report features insights from over 500 IT professionals.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
SEGA turns to Palo Alto Networks for cybersecurity protection
When one of the world’s largest video game pioneers wanted to strengthen its IT defences against cyber threats, it started with firewalls and real-time threat intelligence from Palo Alto Networks.
Forrester names Trend Micro Leader in email security
TrendMicro earned the highest score for technology leadership, deployment options and cloud integration.
LogRhythm releases cloud-based SIEM solution
LogRhythm Cloud provides the same feature set and user experience as its on-prem experience.
One Identity named Leader in PAM and IAM by KuppingerCole
KuppingerCole lead analyst Anmol Singh evaluated the strengths and weaknesses of 20 solution providers in the PAM market for the report.
Healthcare environments difficult to secure - Forescout
The convergence of IT, Internet of Things (IoT) and operational technology (OT) makes it more difficult for the healthcare industry to manage a wide array of hard-to-control network security risks.