Endpoint Protection & Artificial Intelligence - Future

02.05.2018 Read
Endpoint Protection & Artificial Intelligence

Gone are the times when endpoint protection was limited to installing an anti-virus and expecting a reasonable level of protection. With the introduction of Bring Your Own Device (BYOD) and increasing number of IoT devices, there are more endpoints than ever and so are the security threats associated with them. According to this report by Barkly in association with Ponemon Institute,[1]

  • 7 out of 10 organizations have reported that their endpoint security risk has increased significantly in during the last twelve months.
  • 4 out of 5 organizations have replaced or augmented their Anti-virus in 2017.
  • Less than one-third of the organizations believe that Anti-virus can stop the upcoming attacks.
  • 3 out of 4 organizations report having more difficulty in managing their endpoint risk. Moreover, only a third of organizations have adequate resources to look after their endpoint security.
  • Nearly half of security alters are false positives. Organizations see false positives as a #1 hidden cost for implementing endpoint security.

Anti-virus and Anti-malware are not enough

Anti-virus and anti-malware software are still the basic necessities but an organization cannot entirely rely on them. Even though the developers send regular updates, they would be definitely outrun by the pace of evolution of cyber attacks and tools & techniques employed by the attackers. In addition, it is also not practically possible for a human analyst or a team of analysts to go through the log data generated by anti-virus or anti-malware software. Considering that absolute security is a myth, an organization must strive to achieve the highest level of security possible. Moreover, trusting a third-party application with your security also raises a question mark for the top management or the business owners. With the recent issue surrounding Kaspersky Labs and the US government,[2] it is true that you can not absolutely trust a third-party application. As an organization, finding a capable and feasible solution is indeed a headache.

Artificial Intelligence – A Viable Solution

However, with no other option available, Artificial Intelligence and machine learning present a viable solution as they can enable the systems to learn from the incoming data and analyse the same data to come to a definite conclusion. An AI-based system will definitely have more computing power and calculation capabilities than a human analyst. Since the attackers have already started using automated systems, it is right time for the organizations to realize the capabilities of an AI-based system and up the ante when it comes to organizational security. Many experts believe that the next twelve months will see an acceleration in the adoption of machine learning by the attackers as they pursue increased sophistication in their attacks. At present, for AI & machine learning to be successful, the key lies in utilising the cloud services. Traditional systems or servers might not be large or fast enough to process and detect attacks in real-time, but the implementation of cloud servers can speed up the process at affordable prices. Although AI-based anti-virus or anti-malware systems are yet to become popular, the cybersecurity industry needs to take a wake-up call to address the issue of endpoint protection and avoid incidents like WannaCry.