4 Evolving Technology Areas Of Smart Cybersecurity
By Chuck Brooks
The surge in digital connectivity and more sophisticated cyber-threats has promulgated the need for smart cybersecurity. Smart Cybersecurity is a logical reaction to try to manage risk by lessening security gaps often posed by reliance on manual processes that are impacted by a continual cybersecurity skills shortage and the administrative burdens of data security management.
Despite the challenges, there is promise for reducing dependence on humans and bolstering cybersecurity capabilities. A myriad of evolving cognitive technologies can help us enhance cybersecurity and navigate the increasingly malicious and disruptive cyber threat landscape. They include:
- Artificial Intelligence
- Machine Learning
- Automated and Adaptive Networks:
Artificial intelligence (AI): Gartner describes AI as a “technology that appears to emulate human performance typically by learning, coming to its own conclusions, appearing to understand complex content, engaging in natural dialogs with people, enhancing human cognitive performance or replacing people on execution of non-routine tasks.” Some of the basic activities computers with AI are now be designed for include: Speech recognition; Learning’ Planning; and Problem solving. Computing systems that employ AI and ML are becoming more pervasive and critical to cyber operations and have become a major focus area of cybersecurity research development and investments in both the public and private sectors. Discovering, categorizing and synthesizing data is surely advantages in mitigating cybersecurity threats. Holistically, AI technologies can be used to help protect against increasingly sophisticated and malicious malware, ransomware, and social engineering attacks. AI is not sentient (yet) but there is likely a future in AI cognitive autonomy in predicting and mitigating cyber-attacks.
Machine Learning: in basic terms involves getting a computer to act without programming. It often combines with AI and can be thought of as the rapid automation of predictive analytics. Machine learning can provide the fastest way to identify new cyber-attacks, draw statistical inferences, and push that information to endpoint security platforms.
An area where AI and ML can certainly provide an important component for cybersecurity is in threat intelligence. It can be applied to monitor and detect anomalies in the network and identify new threats without known signatures. It can also be utilized to correlate data from silos to understand the nature of attacks and assess network vulnerabilities and risks. AI and machine learning could help on the identity management by cross-checking the veracity of data across multiple fragmented databases.
Automated and Adaptive Networks: Automation allows for horizon scanning and monitoring of networks that can report on deviations and anomalies in real time. It allows for automatic updating of defense framework layers (network, payload, endpoint, firewalls and anti-virus) and diagnostic and forensics analysis for cybersecurity. Both AI and machine learning can be core components and support applications of automated and adaptive networks.
One of the areas that AI and ML can support is robotic process automation (RPA), a capability that allows automated integration with any IT application or website to perform complex rule-based work (such as clerical processes or transactions). Also, AI and ML can facilitate Security Orchestration Automation and Response (SOAR) products by integrating orchestration processes, automation, incident management and collaboration, visualization and reporting under a single interface. SOAR can also provide security operations center (SoC) staff a faster, more accurate way to process large volumes of data produced by cybersecurity systems and help identify and remediate attacks which may be imminent or underway.
Art Coviello, a partner at Rally Ventures and the former chairman of RSA summaries the value of automation for cybersecurity; “There are too many things happening – too much data, too many attackers, too much of an attack surface to defend – that without those automated capabilities that you get with artificial intelligence and machine learning, you don’t have a prayer of being able to defend yourself,” (
Supercomputing: Seymour Cray is commonly referred to as the “father of supercomputing” and his company, Cray Computing, is still a driving force in the industry. Supercomputers are differentiated from mainframe computers by their vast data storage capacities and expansive computational powers. Super computers are the engines for future automation. The National Academy of Sciences, in its study “The Future of Supercomputing,” envisions investments in supercomputing as highly beneficial and that it plays an essential role in national security and in scientific discovery.
In cybersecurity supercomputing is promising. MIT Lincoln Labs Fellow Jeremy Kepner notes that “Detecting cyber threats can be greatly enhanced by having an accurate model of normal background network traffic,” and that analysts could compare the internet traffic data they are investigating with these models to bring anomalous behavior to the surface more readily. This type of capability was demonstrated at a conference sponsored by DARPA, supercomputers sans humans, were exposed to bugs which the computers were able to detect and rapidly repair the threats. The fallibility of the human factor has been a cybersecurity vulnerability. It will likely become more so as we become more immersed in digital interconnectivity (i.e. Internet of Things Smart Cities remote work) associated with the realities of a larger cyber-attack surface.
Smart cybersecurity has a promising and large role to play in identifying, filtering, neutralizing and remediating cyber-threats. By harnessing evolving enterprise tools such as artificial intelligence machine learning, automated and adaptive networks and supercomputing, enterprises will be more readily be able to meet the future challenges. Chuck Brooks a globally recognized thought leader and evangelist for Cybersecurity and Emerging Technologies. LinkedIn named Chuck as one of “The Top 5 Tech People to Follow on LinkedIn.” He was named by Thompson Reuters as a “Top 50 Global Influencer in Risk, Compliance,” and by IFSEC as the “#2 Global Cybersecurity Influencer.” He is also a Cybersecurity Expert for “The Network” at the Washington Post, Visiting Editor at Homeland Security Today, Expert for GovCon, and a Contributor to FORBES. He has also been featured author in technology and cybersecurity blogs by IBM, AT&T, General Dynamics, Cylance, and many others. In government, Chuck has received two senior Presidential appointments. Under President George W. Bush Chuck was appointed to The Department of Homeland Security (DHS) as the first Legislative Director of The Science & Technology Directorate at the Department of Homeland Security. He also was appointed as Special Assistant to the Director of Voice of America under President Reagan. He served as a top Advisor to the late Senator Arlen Specter on Capitol Hill covering security and technology issues on Capitol Hill.
In industry, Chuck has served in senior executive roles for General Dynamics as the Principal Market Growth Strategist for Cyber Systems, at Xerox as Vice President & Client Executive for Homeland Security, for Rapiscan and Vice President of R & D, for SRA as Vice President of Government Relations, and for Sutherland as Vice President of Marketing and Government Relations. He currently sits on several corporate and not-for-profit Boards in advisory roles. In academia, Chuck is Adjunct Faculty at Georgetown University’s Applied Intelligence Program and graduate Cybersecurity Programs where he teaches courses on emerging technologies, risk management, homeland security, and cybersecurity. He was an Adjunct Faculty Member at Johns Hopkins University where he taught a graduate course on homeland security for two years. He has an MA in International relations from the University of Chicago, a BA in Political Science from DePauw University, and a Certificate in International Law from The Hague Academy of International Law.