As the scope of cyber-violations continues to expand with the increase in the volume of encrypted web traffic and attacks on the supply chain, security professionals in India will spend more on tools that use Artificial Intelligence (AI) and Machine Learning. (ML) to combat malware attacks, said a Cisco report on Wednesday.
Applying these tools can help improve network security defenses and, over time, "learn" to automatically detect unusual patterns in encrypted web traffic, the cloud and Internet of Things (IoT) environments .
The "Cisco 2018 Annual Cybersecurity Report" showed that more than half of the organizations surveyed in India depend on automation, ML and AI.
"Attackers are exploiting defenseless gaps in security, many caused by the expansion of the Internet of Things (IoT) and the use of cloud services, and advocates often pay little attention to the security of these systems. Unpatched IoT devices and unmonitored attackers have opportunities to infiltrate networks, "IANS Vishak Raman, Director of Commercial Security at Cisco India & Saarc, told IANS.
"AI, ML and automation are increasingly desired and expected by CISOs (Chief Information Security Officers) and other security leaders, and they are investing in these technologies to mitigate attacks," Raman added.
According to the report, 30 percent of security professionals said they used products from 25-50 vendors in 2017.
Raman said that the use of products from multiple vendors can make security complex in case of supply chain attacks, making artificial intelligence-based tools that can quickly detect violations constitute a promising weapon to find vulnerabilities and frustrate future threats.
The report showed that while encryption is intended to improve security, the expanded volume of encrypted web traffic (50% as of October 2017), both legitimate and malicious, has created more challenges for defenders trying to identify and monitor possible threats. .
Cisco threat researchers observed a more than threefold increase in encrypted network communications used by inspected malware samples over a 12-month period worldwide.
"Adversaries are increasingly adept at escaping through cloud services and other technologies used for legitimate purposes, and threat actors use encryption tools and legitimate web services such as Google and GitHub to hide their malicious activity." said Raman. now reaching unprecedented levels of sophistication and impact.
While still in its infancy, LD and AI technologies will eventually mature and learn what "normal" activity is in the network environments they are monitoring, the report says.
"The evolution of last year's malware shows that adversaries are increasingly wise in exploiting defenseless breaches in security," said John N. Stewart, Senior Vice President and Director of Security and Trust at Cisco.
"As never before, advocates must make strategic security improvements, investments in technology and incorporate best practices to reduce exposure to emerging risks," Stewart added.
The Cisco report highlighted the findings and perceptions derived from threat intelligence and cybersecurity trends observed in the past 12 to 18 months from threat investigations and six technology partners: Anomali, Lumeta, Qualys, Radware, SAINT and TrapX.
Also included in the report are the results of the Security Capabilities Reference Study 2018 that surveyed 3,600 CISO and security operations managers (SecOps) from 26 countries, including India, on the state of cybersecurity in their organizations.