Will Cyber Security Eventually Become Automated?
According to Forbes, the cyber security industry is expected to be worth $170 billion (£120bn) by 2020, so it's obvious that our requirement for cyber protection in the form of security software isn't slowing down anytime soon.
It's true, cyber security definitely can't afford to become complacent. Constant technological developments, new operating systems, and more and more online accounts (e.g. banking, shopping, social media) mean that hackers are always looking for new entry points and vulnerabilities to exploit to gain unauthorised access to valuable data.
The Changing Landscape of Cyber Security
Once upon a time, hackers were more like online pranksters out to cause chaos. In the early days of commercial internet use (the 1990s), cyber security focussed more on protecting your documents and files than blocking criminal activity such as theft or identity fraud. As our internet usage has increased, though, so has cyber-crime evolved. Some estimates put 80% of cyber-crime down to organised strikes, with huge profits up for grabs and far less chance of being caught than other types of organised crime, e.g. drug trafficking.
We've witnessed the growing scale of attacks in the news, for example 2016's WannaCry attack on the NHS. This particular malware strain quickly spread around the world, targeting hundreds of thousands of organisations ranging in size and sector in the process. The attack did temporarily take down many NHS computer systems, causing mayhem for A&E departments and GP surgeries, and delaying medical procedures and prescriptions.
Using Technology Can Combat Cybercrime
Software can help protect your systems and networks by acting as a deterrent for hackers that are looking for an easy target. It has to be stressed that no software can promise 100% protection, but it can make it much harder for cyber-criminals to find access points, serving as a necessary layer of security and diverting hackers' attention elsewhere. Antivirus software works by carrying out regular scans of your device and continuously removing items of malware. It also scans for potentially harmful files hidden in emails and documents. Firewalls work by monitoring what information comes through your internet connection in real time and preventing malicious requests. Acting as a kind of sieve, firewalls are another way to mitigate the risk of a cyber-attack.
All protection techniques you use require regular updates so that they can actually work efficiently to protect you – users should never ignore attempts by security software to update otherwise you are putting your devices at risk. Understanding the importance of this is something that can only be achieved in a workforce through cyber security awareness training. After all, the employees are the first line of defence for organisations, so they need to know what threats are out there. Training means they will no longer be seen as a weak link in the cyber-security chain for hackers to exploit, and instead they are prepared to detect and respond to potential threats efficiently.
Even basic awareness training can significantly improve the cyber-security of a company collectively, seen as a small step to help prevent financial and reputational losses, it can make a big difference should the worse ever happen.
Machine Learning (ML) is a way of achieving Artificial Intelligence (AI). Sometimes confused, AI refers to machines performing tasks that are similar in characteristics of human intelligence, and ML is the ability for a machine to do this without being programmed to do so. In other words, when a computer doesn't need a human to programme it to do something along the lines of human intelligence, AI is at work through the independence of ML. Through being able to "learn" with the data they have, they can improve how they perform to work most efficiently.
The growing developments in AI mean that computers could be seen as outperforming humans in certain task, whether that's playing chess or solving equations. This isn't to say that robots are taking over the human race any time soon, but it does leave some individuals questioning whether humans are even needed anymore in the fight against hackers because of how much computers can do themselves.
When it comes to using ML in cyber security, it usually means using the computer to find anomalies in the form of malicious files, by doing so the computer is detecting threats from hackers before the device is harmed.
As AI teamed with ML is most commonly used to deal with simple threats and attacks. Given that the simplest attacks usually have the simplest solutions, the technologies are also likely be able to find the solutions too, suggesting that a computer could deal with a problem from start to finish, all without any human intervention.
The Future of Cyber Security
The future of cyber security experts could be seen as becoming less of a necessity because of the work in ML, but industry experts stress that the need for humans isn't over yet, and that instead they they should work alongside AI to be able to deal with problems most effectively.
Experts can depend on AI technology through ML to actively point out problems that could otherwise be missed due to stretched resources and time pressures. By mixing both forms of security, in terms of human skill and computers themselves, staff efficiency increases because their overall workload is reduced, giving them more time to focus on the issues of higher complexity that AI could miss.
With it being revealed that there aren't enough cybersecurity workforces out there to deal with the growing number of cyberattacks, alongside the fact that these attacks are becoming more complex (so take longer to deal with), the outlook for online safety isn't proving particularly optimistic.
Using ML systems to our favour could allow organisations to deal with problems more efficiently with the resources they have, giving them an advantage in facing future cyber-attacks.
There will always be a limit to AI, making human skills a necessity in the fight against cybercrime. Human teams are needed to deal with the increasingly complex challenges that hackers are coming up with, something that we can't leave up to computers to fix.