As cybercriminals continue to become more sophisticated and prolific, one of the key weapons in their arsenal is automation, letting them mount massive numbers of attacks without human intervention. The only way for organisations to combat this threat is to deploy an automated solution of their own, preferably based on artificial intelligence (AI), according to Fortinet distributor, Wavelink.
Hugo Hutchinson, national business development manager for Fortinet, Wavelink, said, “The cyberthreat landscape has hit a point where it’s only a matter of time before a company is attacked. Businesses must therefore face the reality that it’s impossible to achieve 100 per cent protection against all risks so, instead, they need to find the right balance between prevention and detection.”
A recent study revealed that chief information security officers (CISOs) devote 36 per cent of their budgets to responding to threats and 33 per cent to preventing them. But many CISOs would prefer to reduce spend on prevention and increase the amount they spend on detecting and responding to threats. Worryingly, 21 per cent of the surveyed CISOs believed cybercriminals’ capabilities were outpacing their ability to defend against them. (1)
With the often-cited cybersecurity skills shortage remaining a problem, the question for these CISOs becomes how to make the most of their existing resources. The answer lies in AI and automation.
Hugo Hutchinson said, “With attacks being powered by AI and automation, there is simply no way an organisation can combat the threat using human power alone. It’s essential to fight machines with machines. This fills the skills gap effectively and means people can be freed up from dealing with every security event from a multitude of sources. With machines dealing with most threats, people power can be reserved for more complex or urgent threats. Then, security teams can focus on proactive threat prevention, strategic security initiatives, and threat intelligence.”
AI and automation can also lead to faster response times and increased visibility. This is essential as networks continue to gain complexity. Multi-cloud and hybrid environments, a plethora of endpoints, bring-your-own-device policies and more combine to make the security environment challenging. Simplifying detection and response through automation and AI is essential. And, with the right integrations, tools protecting one part of the network could automatically notify tools protecting other parts of the network of an imminent threat, further improving response times.
Hugo Hutchinson said, “Automation means security teams can be more productive and efficient, and more confident that security breaches are being detected and dealt with before they can cause significant damage. The best AI-enabled tools should be powered be best-in-class intelligence and research and analytics technology with data collected from a variety of nodes. It’s also important to remember that even the best tools can be rendered useless by human error, so security teams must invest time in educating the workforce regarding threats and how to avoid them.
“By leveraging AI and automation, CISOs can beat cybercriminals at their own game even with fewer resources.”
(1) Making Tough Choices: How CISOs Manage Escalating Threats and Limited Resources, conducted by Forbes Insights in conjunction with Fortinet