British cybersecurity firm Darktrace explained to CNBC why companies should invest in artificial intelligence to secure their networks.
In a constantly evolving digital threat landscape, where firewalls and antiviruses are considered tools of antiquity, companies are looking to more technologically advanced means of protecting crucial data.
One such firm, U. K.-based Darktrace, uses machine learning capabilities — advanced algorithms that can adapt and learn — and probabilistic mathematics to learn the normal ‘pattern of life’ for every user and device in a network and detect anomalies. Their technology is modeled after how a human immune system identifies and responds to foreign threats — swiftly and without compromising the human body’s key functions.
«The philosophy of our entire portfolio, or our approach, is largely based on this DNA: human immune system,» Sanjay Aurora, managing director for Asia Pacific at Darktrace, told CNBC. «How have human beings, for millions of years, thrived and survived? (It) is because of our immune system. Almost every day, we’re hit by unknown unknowns, which is the way organizations are also hit… in terms of viruses and malware. »
Experts point out the cyber-threat landscape has drastically changed and that criminals are now using more advanced technologies to launch sophisticated attacks. Even a few years ago, launching a distributed denial of service attack to take down a website, defacing webpages and stealing credit card details were considered major instances of cyber-attacks. Today, anything from medical records to airline miles — data that can be sold — are considered targets.
Detecting criminals who have breached a network has become harder because they maintain a low profile once they’re inside. A recent report from cybersecurity company FireEye showed organizations on average took 99 days in 2016 to realize they had been breached. While that figure improved notably from the average 146 days it took in 2015, experts say attackers can do a lot of damage within that time.
In the past, attacks were extremely noisy, according to Eric Hoh, president for Asia Pacific Japan at FireEye. «Your computer would stop working and you’d know about it. There’d be a message that’ll show on your computer and you’ll know about (the attack),» he told CNBC.
Today, Aurora said, attackers are spending weeks, months and years looking for crucial information inside a network. More worryingly, he said, cyber-attackers are focused on not only stealing the data but also altering them without detection. If an attacker can alter a single row or column of data in a database once a month, undetected, in the long run the consequences can be severe because companies would find it hard to distinguish between real and fake.
