The rush is on for innovators to provide a line of defense against cyberattacks, which has been steadily increasing with no corporation or governmental entity seemingly immune to the infiltration of cyber thieves. Those threats have given rise to intelligence initiatives to identify attacks before they happen.
MIT recently revealed that it has developed an artificial intelligence system that can detect up to 85 percent of cyberattacks. The system works by reviewing data from about 3.6 billion lines of log files on a daily basis — sending alerts about anything that is suspicious. MIT researchers said that it also relies on analysts’ input, which is why they have named the process Artificial Intelligence Squared.
Other automated cyber attack detection systems are already in use, but MIT reported that their new AI system is about three times more effective in identify cyberattacks.
These innovations are considered essential to helping businesses of all sizes. According to recent statistics, small businesses — even so-called mom and pop businesses — are becoming increasingly under attack, according to a new report by cybersecurity firm Symantec.
A chief strategist for Symantec said the rise has come about because cyber thieves consider small businesses an easier target. Of the cyberattacks reported in 2015 globally, 43 percent targeted small businesses with fewer than 250 employees.
Making use of threat intelligence data
For companies using threat intelligence data, the next step is determining how to use it effectively. As an example, it can be challenging to work around the separate of roles and responsibilities in different departments — the IT security team, the network team and the server team. With those separations, it can be difficult to determine how to take action on the data.
The following are recommendations by security firm Fortinet on handling intelligence data:
- Make a plan for identifying threats against your company — reviewing the ways they may be different for different platforms.
- Identify any gaps in your awareness of threats; developing a plan to implement compensating controls
- Evaluate your capability on how your team will be alerted about any threats, including which team members will be notified and how they will be empowered to act on the intelligence