This is the message from Mark Shaw, technology strategist at Symantec, as he lists new cybersecurity tools and strategies to use following a year of ‘mega breaches’ across the globe.
One of these is 'machine learning'.
The ability for machine learning to predict cyberattacks will improve detection rates and may just be the key that reverses the trend on cybercrime, he states.
A new generation of business platforms is emerging from the convergence of machine learning and big data and it will be a game changer in cybersecurity, he states.
There is a critical need to stay “proactive” against threats, instead of reacting to them and machine learning will help security vendors stay one step ahead of cybercriminals.
In addition, establishing context and creating adaptive controls is becoming increasingly necessary to identify threats and protect an organisations critical information assets.
He says security vendors are building technologies that can detect anomalous behaviour.
This involves understanding and baselining a user’s or system’s ‘digital DNA’.
Once a baseline can be established any significant delta or deviation would raise a flag for further investigation, he explains.
In the case of user identity, we already delivery technologies such as intelligent, risk-based authentication to force step up authentication only when an abnormal login sequence takes place (new device, different location, etc, etc), says Shaw. “These types of technologies will be game changers in the fight against cybercrime and the protection of an organisation’s critical information.”Read more: Training for one of the most in demand roles of the digital economy
The ability for machine learning to predict cyberattacks will improve detection rates and may just be the key that reverses the trend on cybercrime.
'Hack the planet'
He says scammers will continue to run profitable ransom ware scams.
Symantec’s Internet Security Threat Report notes ransom ware attacks grew by 500 per cent and turned vicious in the latter part of 2013.Read more: What corporates can learn from the NZ Police on ‘user focus’
This growth was largely due to the success of Ransomcrypt, commonly known as Cryptolocker, says Shaw. This threat is designed to encrypt a user’s files and request a ransom for the files to be unencrypted.
Ransom ware causes even more damage to businesses where not only the victims’ files are encrypted but also files on shared or attached network drives. Holding encrypted files for ransom is not entirely new, but getting the ransom paid has previously proven problematic for the crooks. Recently ransom ware makers have started using online and electronic payment systems such as Bitcoins, Webmoney, Ukash, greendot (MoneyPak) to get around this challenge.
Crooks like the relative anonymity and convenience of electronic payments and these are already readily available, putting businesses and consumers at greater risk from losing data, files or memories.
Meanwhile, he notes increasing collaboration among various groups - including vendors - involved in cybersecurity.
The front lines of cybersecurity will be strengthened by closer industry partnerships and collaborations, he states. “This has not happened well in the past but vendors are starting to share intelligence to better understand adversaries and protect customers."Read more: The top cyber risks for NZ in an interconnected world
The security industry is one of few in the world that has a ‘nemesis industry’ constantly working against it to bring it down.
The fight against cybercrime cannot be won alone and the security industry together with telecommunication providers and governments from around the world are joining forces to beat the war on cybercrime.
"The security industry is one of few in the world that has a ‘nemesis industry’ constantly working against it to bring it down. That’s why beating the war on cybercrime requires a different approach," he states.
For example, while in 2015, attackers will continue to look for new vulnerabilities so that they can “hack the planet”, open source platforms will continue to address these vulnerabilities through greater industry coordination, collaboration and response.
“We see this as a positive sign and believe that open source platforms can only get better in the future.’
Send news tips and comments to firstname.lastname@example.org
Follow Divina Paredes on Twitter: @divinap
Follow CIO New Zealand on Twitter:@cio_nz
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.