Intelligent Cyber Defense
programs are taking
cyber security to the
next level, though it’s
unlikely they’ll keep
hackers at bay for
By Antony Ireland
Hailed by some as a Holy Grail for cyber security protection, machine learning programs are helping businesses identify and counter cyberattacks more effectively than ever before. From programs scanning the dark web for clues of cyberattacks to software analyzing companies’ data network flows and user behavior,
risk managers, CTOs and CIOs have a growing choice of tools at their disposal.
As more devices come online and more data is produced, the potential
vulnerabilities hackers can exploit grow exponentially. So too grows the need for
tools that help firms spot threats and strengthen their cyber networks.
“It is increasingly important to develop tools to sift through the noise, identify
signals and check for anomalies to identify attack vectors that are susceptible and
being exploited,” said Eric Cernak, vice president, Hartford Steam Boiler.
“Machine learning can really help this process.”
Leveraging powerful algorithms, programs that harness machine learning are
getting better at spotting the difference between genuine threats and innocent
anomalies. They can detect threats faster than before.
Ryan Griffin, senior vice president, JLT Specialty USA, pointed out that the
average time to detect an event was 180 days. Now it can be done in three.
According to ethical hacker and cyber security expert Mike Peters, vice
president for IT, RIMS, more than 70 percent of attacks exploited known
vulnerabilities in available patches last year. Machine learning programs can
process vast quantities of data while iteratively learning, promising to help
uncover many of these threats with minimal human involvement, he said.
“Machine learning systems have a big role to play in conquering threats
currently handled in a manual fashion.”
Credit rating firm FICO launched its own cyber vulnerability assessment tool,
which scans the entire web on a weekly basis, gathering data company internet
footprints. It learns about the conditional attributes and vulnerabilities exhibited
by companies in the lead-up to a breach. Companies using this software scan and
compare their own internet footprints to assess their cyber risk level.
According to Graeme Newman, cyber leader, Barbican Insurance, the program
has so far found the most at-risk company to be 24 times more likely to suffer a
cyber breach than the one with the best risk rating. It also confirmed the belief
that certain sectors are more vulnerable than others; budget-strapped education
entities typically rated poorly while banks scored highly due to heavy investment
in security infrastructure.
“Hackers have various tools available to them and are looking for certain
vulnerabilities. The scanning software gives the company the same view of its
internet footprint as any hacker would get,” explained Newman.
“A company that takes the findings very seriously may well look at every
individual asset and negative signal with a view to fixing things and putting in new
policies and procedures. That’s where the big work comes in.”
Insurers are also partnering
with tech firms to offer similar risk
assessment solutions. Allianz recently
entered a heavyweight partnership
with Aon, Apple and Cisco, harnessing
the tech firm’s intelligent Cisco
Ransomware Defense software.
Jenny Soubra, head of cyber and
tech, Allianz Global Corporate &
Specialty, claimed Cisco offers the most
holistic cyber security solution in the
market, and its counterintelligence
measures identified the WannaCry virus
• The average time to detect a
threat event has been shortened
• Companies most at risk are found
to be more vulnerable by a factor
of 20 or more.
• Public entities are more at risk
than better capitalized private
“You have to treat machine
learning like any other tool in
your toolbox. You can’t become
overly dependent on any one
— Eric Cernak, vice president, Hartford Steam
Artificial intelligence is being enlisted in the cyber defense effort. How long any defense can keep attackers at bay is in question.