Will Cognitive Technologies Change the Way we Fight Cyber Crime?
By Jean-Claude Broido, VP, Security Asia, IBM
Cybercrime continues to be on the rise. In many ways, cybercrime resembles a human virus: it changes rapidly, constantly, and gets more sophisticated with every iteration. This makes cybercrime, like a virus, very difficult to control, identify or eliminate. In the last few months in Asia, we have seen many examples of targeted cyber-attacks against telecom services providers, banks, manufacturing companies, and government web sites. Customers’ personal data and digital identity have been exposed, Intellectual Property has been stolen from organizations, and digital businesses have been compromised.
"Cognitive technologies promise to make a huge impact on the threat landscape "
Organizations are working hard to ensure they have a security strategy to protect their operations and to constantly monitor and analyse enterprise data flow. Intelligence, speed, and accuracy are vital, but the growth and sophistication of cybercrime is becoming overwhelming for many organizations to stay abreast. The negative consequences of incidents and breaches are increasing, and the financial costs and risks are rising rapidly. Finally, many organizations are faced with a shortfall of security experts with the right skills.
Cognitive technologies promise to make a huge impact on the threat landscape. With cognitive technologies, a new generation of systems can be trained to understand reason and learn about constantly evolving security threats.
While the majority of professionals believe cognitive technology can significantly slow down cyber criminals, most are still in the early stages of evaluating its potential (only 7 percent in process of implementing cognitive security tech). However, 21 percent said their organizations plan to use these solutions in the next 2-3 years -- indicating a potential 3X increase in the use of cognitive security within the next few years.
The biggest challenges security professionals believe cognitive can help with are intelligence (improving detection and incident response decision-making capabilities); speed (reducing incident response time) and increasing accuracy (to discriminate between events and true incidents).
Results: Top Cybersecurity Challenges
• Reducing average incident response and resolution times; 45 percent selecting •Optimizing the accuracy of alerts (too many false positives); 41 percent selecting • Keeping current on new threats and vulnerabilities; 40 percent selecting
In Asia-Pacific, respondents lined up with global counterparts on these top cybersecurity challenges but with one noticeable difference – AP respondents find that visibility and data sharing among internal and external stakeholders is a much bigger challenge than the rest of the world does (35 percent versus 23 percent).
This issue has been recognized by government and private enterprises alike across Asia with many initiatives underway to increase the collaboration between public and private sectors. Keynote speakers from recent events like Interpol World, GovWare in Singapore or Finovate in Hong Kong also emphasized the importance of such efforts.
Respondents also said the biggest hurdle to overcome will be a lack of competency and skills within their organizations to implement these technologies. As such organizations across Asia Pacific need to tap into real-time education and training to ensure they are prepared to respond. Such training would immerse people in simulated cyber attacks to provide experience preparing, responding and managing a broad variety of threats.
Founded in 1911, and headquartered in New York, U.S., IBM (NYSE: IBM) is a global technology and innovation company. The company has more than 375,000 employees serving clients across 170 countries.