How AI In Cloud Security Is Helping Indian Businesses & Customers Stay Safe Online

Artificial Intelligence is the new buzz-word that every tech company tries to throw at you as a part of product features. But it is actually there to make our lives simpler and more convenient.

Rawpixel

We see AI playing a helping hand in more and more things we do: from AI for prompt voice-assistant based responses to AI helping us type better with prompt and context-specific suggestions, to even keeping us safe and secure from the nasties of the Internet.

That's right, companies like IBM who are at the bleeding edge of AI research and application are also including AI in security. I got the opportunity to interact with IBM India and South Asia's Security Software Leader, Vaidyanathan Iyer and his views on AI in cloud security and how it affects all of us behind-the-scenes.

Why do businesses need AI in cloud security?

Vaidyanath Iyer: AI for security is not just limited to its applications to cloud security but is an enabler across all platforms - it becomes even more critical to Cloud as monitoring of events generated by cloud elements is a more complex task. The rate of change on cloud deployments are much quicker than traditional deployments and hence the need of agility and complex analysis is the need of the hour to be on top of the monitoring - all these factors together accentuate the need to utilize AI technologies for cloud security.

Further, the growth of cybersecurity technology and data combined with a growing skills shortage is creating an unexpected level of complexity for security teams and hence AI plays a crucial role in bridging this gap. Our cloud-based platform IBM Security Connect is designed to enable users to apply machine learning and AI, including Watson for Cyber Security, for analysis to help them identify threats or risks and improve the efficacy and efficiency of threat detection and response. Security analysts can design and deploy new customized and comprehensive solutions to address security outcomes, such as SOC Operations workflows or Digital Trust.

How is AI protecting Indian businesses and users?

Fraud Management: A large private sector bank utilizes AI on the cloud to analyze every Mobile banking transaction to identify signs of abnormality and help prevent customers from being defrauded. The AI technology also helps genuine users to have a more simple and transparent user experience while working on the mobile system.

Mobility Management: Mobile devices are ever-changing, usage patterns are varied and always connected to the Internet and often it also carries critical enterprise data - managing these employee-owned devices are a constant challenge - Multiple organizations are utilizing AI technologies to get continuous insight into its usage and enforce the most appropriate policy which does not hamper user experience. AI also helps uncover vulnerabilities and threats to these systems; discover avenues of security improvement based on peer benchmarks and best practices and lastly, Increase IT efficiency with automated delivery of contextual insights and recommendations.

Threat Hunting: Security Operators are overloaded with insights and incidents on a daily basis - lack of appropriate "security data" as well as domain knowledge is one of the biggest bottlenecks for effective Threat Management - AI and Cognitive technologies are being utilized to understand every security detail and analyze it in context to the massive amount of Intelligence data published on the net and social media and provide timely and relevant insights which can be acted upon quickly and decisively.

Behavior Analytics: Today's organization is a connected organization with no clear IT infrastructure boundaries within which businesses are confined - behavioural aspects of employees today encompass data points which are vastly different from what was the scenario earlier - a behaviour of a shift engineer or an administrator could be defined accurately and enforced earlier - Today such restrictions cannot be applied and hence need to dynamically build normal behaviour benchmarks based on actual functioning is needed - AI helps builds these behavioral patterns and monitor usage against these ever-changing patterns to identify risks and apply security controls dynamically and on time.

Challenges in implementing AI in cloud security?

Cloud deployments while are based on open standards but visibility into the internal functioning of these deployments are still limited - and often these systems are shared and hence identifying security risks are a big challenge. For effective AI - granular and continuous access to information is required. Cloud vendors often provide assurance in the form of Service Level Agreements but do not allow access to the data that is needed for AI engines to work and this is the most important challenge. The second challenge is the availability of trained resources - while the AI technologies have matured but technical know-how to extract the result out of these technologies are limited - the risks of badly deployed AI are manifold and well acknowledged by all experts.

What is being done to address these challenges?

1. The standards are being modified to include provisions of monitoring of cloud systems - cloud vendors are providing APIs to provide visibility into their systems and allowing configuring security at the most granular level. These kinds of information can then provide the necessary data to build the AI models to monitor the security of the cloud.

2. AI as a service reduces the challenges of security professionals proficient with AI to deployed at each organization - these service providers are also capable to collaborate effectively and ensure that best practices and innovations are quickly adopted and keep the AI deployments and output to be effective.

What's the danger to businesses and customers/users if AI security measures aren't deployed?

1. The agility and comprehensiveness of analysis is the key to providing effective insight - without AI systems organizations would not be able to react on time. We are well aware that security costs exponentially increases as the time taken to remediate an incident increases. As per IBM-Ponemon latest study, ?128 million is the average total cost of data breach, which represents an increase of 7.29% from the prior year (last year it was ? 119 million). Around ?5,019 is the per capita cost per lost or stolen record, which represents an increase of 9.76% from the prior year. Further, the meantime to identify the data breach increased from 188 to 221 days. This indicates how organizations are in the danger of cost overruns as well as the inability to react during the time of security breach.

2. AI-based security tools also reduce the risk of "resourcing" - in today's environment the market is seeing a massive shortage of skilled resources and in absence of such resources organizations are in danger of not being able to maintain or improve upon their security posture. By leveraging the power of AI to understand the full context of various types of threats, and automation of specific actions via intelligent orchestration, we can use machine intelligence to handle more remedial yet time-intensive tasks, and free up analysts to focus their attention on more complex and priority threats.

We believe AI is the necessary evolution of the cybersecurity industry to keep up with increasingly sophisticated threats and demands on security analysts. Machines and AI excel at different types of tasks that humans are not well suited for; AI will not replace human reasoning and decision making, however, it can augment the skills of human security analysts allowing them to do their jobs faster, more accurately and more efficiently.