Integrating Artificial Intelligence into Cybersecurity: AI and Transparency Level the Playing Field
Credit to Author: Jack Chan| Date: Mon, 11 Sep 2017 03:00:00 +0000
In our last post we talked about some of the AI tools (AEE, AutoCPRL, etc.) that Fortinet has developed, and how the specialist teams at FortiGuard Labs around the world collaborate to detect, mitigate, and prevent threats of all shapes and sizes. But all of that happens in the background. How do these innovations and techniques translate into actionable tactics and strategies that decision-makers and CISOs can employ today to protect their IP, data, and networks from an increasing number of bad actors and adversaries?
The key to cyber security is visibility (you cannot protect what you do not know). If you know what is happening in your network, at the granular level, you can quickly identify any anomalous behaviour and act to isolate it before it spreads throughout your network.
The challenge is to take advantage of AI to further leverage network transparency to address these two critical issues.
More visibility
Adding transparency to network operations has been Fortinet’s stock-in-trade and has propelled them to the forefront of cyber security. In addition, FortiGuard Labs captures prodigious amounts of threat intelligence from a global network of sensors. Much of the activity is summarised in the weekly Fortinet Threat Intelligence Brief, publication of FortiGuard zero-day research, and security blog posts. So the next step is to combine this global intelligence with the metrics observed in individual networks to provide a benchmark for comparison. That is the rationale behind the new FortiGuard Threat Intelligence Service (TIS), now available in beta. And, to take it one step further, Fortinet is developing a process to integrate local and global metrics to build an enterprise-specific knowledge base as a launch pad for AI-based analytics.
Collaboration
Adversaries have the element of surprise. They can spring anything anytime. And once defeated, they try again. There is an old saying in network security: “Attackers only need to be right once. You need to be right every single time.” The only way to stay ahead is to act immediately whenever and however they strike. Fortinet utilises Big Data Analytics to predict, detect, and examine these files in combination with AI and adaptive learning to mitigate the threat.
Big Data Mining Example
Fortinet’s Security Fabric, which takes a platform approach, can take threat intelligence gathered through Big Data analytics and then automatically alert all inter-connected Fortinet devices with updated prevention signatures. All at a speed and at a cost within the reach of any organisation entrusted with sensitive data.
The cyberspace battleground has now been levelled.