Generating Profit and Advanced Threat Intelligence in Cybersecurity

  • Cybercrime has evolved and expanded into a highly-profitable enterprise where hackers generate more revenue and have the means to innovate faster than the defenders. As a result, they’re leading a new dawn of cyberattacks with artificial intelligence (AI) and machine learning (ML) at the center of their arsenals. Fighting fire with fire is the best defense. Read more in this article which cover how to bolster your managed security services profitability and how to harness the power of AI and ML to protect businesses from today’s growing and advanced cyber threats. Topics covered include:
  • Why SMBs need greater focus on cybersecurity.
  • The application of ML and AI in today’s cyberattacks.
  • Role of ML and AI in effective cybersecurity.
  • Getting started – what are the first and next steps? And more.
Generating Profit and Advanced Threat Intelligence in Cybersecurity
Generating Profit and Advanced Threat Intelligence in Cybersecurity

Content Summary

Introduction
Barriers to success – why SMBs need a greater focus on cybersecurity?
The application of AI and ML in today’s attacks
Fighting fire with fire – the role of AI and ML in cybersecurity
Bolstering profitability – outsourced managed security services
Getting started – what are the first and next steps?

Introduction

Just a few decades ago
Cybercrimes were the work of amateurs – and hackers were purely motivated by enjoyment. In fact, the most notorious cybercrimes in the 1980s were executed by a group of teenage boys known as the 414s. After breaking into more than a dozen high-profile systems, including those at Los Alamos National Laboratory, they were only charged with two years of probation.

Fast-forward to 2018
Times have changed dramatically. Cybercrime has evolved beyond benign teenage mischief, and is now linked to organized crime, human trafficking, terrorist cells, and nation-states. Moreover, it has expanded into a highly-profitable enterprise where hackers generate more revenue and have the means to innovate faster than the defenders. As a result, they’re leading a new dawn of cyberattacks with artificial intelligence (AI) and machine learning (ML) at the center of their arsenals.

To keep up
Fighting fire with fire is the best defense. Businesses of all sizes must bring equally effective and intelligent security tools to the party. Fortunately, there are resources for tackling this constantly-evolving cyber war. Today, there are a variety of solutions that harness the power of AI and ML and protect businesses against today’s growing and advanced cyber threats.

Statistic:

  • Cyber attackers generate $1.5 trillion in annual profit, which is about equal to the GDP of Russia.

Barriers to success – why SMBs need a greater focus on cybersecurity?

Today, businesses of all sizes, large and small, are potentially at risk of cyber attacks. And research shows that cybercriminals consider SMBs easy prey. In fact, experts say that 50% of SMBs have encountered a cyberattack, and once attacked only 40% survive after six months. In light of these risks, effective cybersecurity is a clear necessity for SMBs, but there are a number of barriers preventing them from sufficiently protecting their networks and data:

Massive Cybersecurity Skills Shortage
The shortage of trained cybersecurity workers is a colossal problem, with unfilled positions reaching into the millions. And many of those working in the industry fail to hold the required skills and expertise to perform their jobs effectively. For enterprises, the issue is massive, but SMBs are even more vulnerable because supply and demand makes it impossible for them to afford competent resources.

Limited SMB Budgets
For many SMBs, tight funding results in bare-bones protection – or worse, forgoing security altogether. Cybercriminals recognize that small businesses don’t have the same level of protection as larger businesses, which unnecessarily exposes SMBs to threats.

Solution Don’t Fit SMB’s Needs
There is not a one-size-fits-all answer to cybersecurity, and SMBs generally believe that cybersecurity solutions don’t fit their unique requirements. And when they do, they arrive with a hefty price tag that simply doesn’t work for cash-strapped smaller businesses.

Cybercriminals Don’t Work 9 to 5
Most SMBs don’t have dedicated analysts working day and night to monitor networks and address threats. Effective cybersecurity requires a team of professionals working around the clock to detect and respond to incidents, which isn’t realistic for SMBs.

Because of the above challenges, the MSP model is an excellent answer
for SMBs with limited budgets, staff, and specific requirements. Plus, technology that leverages AI and ML for intelligent threat response, reduces the cost of doing business – making solutions more affordable for MSPs, which in turn, is passed to the SMB.

Statistic:

  • The overall annual average loss for smaller businesses from cyber attacks is estimated to be US $79,841 with a median loss of US $2,000 and a maximum total loss of US $1 million.
  • 51% of cybersecurity professionals claim that their organization has a problematic shortage of cybersecurity skills.

The application of AI and ML in today’s attacks

AI and ML are undoubtedly hot topics in cybersecurity, but what exactly are they and how are they altering the elusory cybercrime landscape?

Artificial Intelligence (AI)
is technology that applies reasoning and learning to enhance a variety of operations. It utilizes data and identifies patterns, at scale, and improves its intelligence over time. There are several subsets, such as ML, deep learning, neural networks, natural language processing, rules engines, and more.

Machine Learning (ML)
is a subset of AI that gives computers the ability to learn from data and experiences, and to improve their intelligence over time without explicit programming. It’s analogous to the adage, “give a man a fish and you feed him for a day; teach a man to fish and you feed him for a lifetime.” In the same vein as the fisherman, programmers provide the systems with a goal, and the machine draws its own conclusions, adapts new responses, and makes educated decisions – much like humans.

AI-powered cyberattacks, once viewed a product of science fiction, are now reality. It’s not a matter of when cybercriminals will utilize AI to carry out attacks, they’ve already begun to release chaos using a variety of methods and experts predict it’s going to escalate over the next decade.

Statistic:

  • 91% of cybersecurity professionals are concerned about hackers using AI against companies in cyber attacks.

AI-Powered Bots
Bot (an abbreviation for “robot”) is an automated executable that runs over the Internet. Bots can be both friendly, such as tech support bots, or insidious and malicious. Hackers can carry out social engineering attacks through AI-powered bots that replicate human behavior, making it nearly impossible for victims to differentiate between a friend, family member, or bot. Once the bot establishes trust, they trick the victim into revealing sensitive information, leading to devastating and widespread consequences. What’s more, these AI-powered bots can execute these attacks swiftly and at scale.

Captcha is Dead
The once tried-and-true method of Captcha, which is utilized to stop automatic access to systems from bots is now officially dead, according to Google. In 2017, researchers from Vicarious built a program, called the Recursive Cortical Network (RCN), which easily solves Captcha challenges by replicating human behavior. There are new methods for blocking bots, but this is an excellent example of how quickly AI and ML can render security measures obsolete.

Polymorphic Malware
Polymorphic malware is malware that evolves and constantly changes to evade detection. Viruses, trojans, keyloggers, and even bots can be polymorphic. This type of malware keeps our defenses guessing because as it gets smarter, the malware perseveres – continuing to “morph” and learn. And with today’s great strides in AI technology, we’re likely to see a new wave of polymorphic malware with unprecedented sophistication.

AI-Powered Phishing Attacks
Phishing is the use of unsolicited communication, such as email, SMS, or phone calls from a fraudulent company to obtain sensitive information. These attacks account for the largest percentage of security breaches today. Unfortunately, over the next decade, phishing will become even more common because the criminals successfully leveraging AI will enjoy the same benefits as businesses, such as reduced cost associated with labor.

Statistic:

  • 97% of malware infections utilize polymorphic techniques.

Fighting fire with fire – the role of AI and ML in cybersecurity

There are no shortcuts to effective cybersecurity but utilizing a layered strategy with AI and ML can lower the likelihood of a breach or attack. Multi-vector protection, intelligent remote monitoring and management (RMM), security awareness training, anti-virus, anti-malware, and strong backup practices are just a few of the crucial components of a layered approach.

Statistic:

  • Three quarters of cybersecurity professionals in the U.S. believe, within the next three years, their company will not be able to safeguard digital assets without AI.

Solving Problems Humans Cannot
While a layered approach to security is vital for success, the simple fact is, AI and ML can solve complex cybersecurity problems that humans cannot. To detect advanced threats, AI employs pattern recognition, natural language processing, and predictive analytics to identify anomalies and unusual activity at a faster pace and more accurately than humans. And with its ability to apply advanced algorithms across massive datasets, ML formulates models of behaviors and devises predictions, once thought of as virtually impossible.

Addressing Outdated Security Approaches
Advanced security tactics with AI have quickly replaced outdated security approaches. For example, the tried-and-true signature-based approach to malware detection is now almost obsolete. With new malware files reaching nearly a million daily, it’s unrealistic for cybersecurity analysts to create anti-virus signatures for every instance of malicious software. What’s more, AI is a much more effective approach to combat polymorphic malware and its constantly-changing characteristics and signatures that elude pattern-matching detection.

Combatting the Volume, Velocity & Variance of Threats
fighting fire with fire is the best defense. Businesses of all sizes must bring equally effective and intelligent security tools to the party. Fortunately, there are resources for tackling this constantly-evolving cyber war. Today, there are a variety of solutions that harness the power of AI and ML and protect businesses

  • Enables human administrators to create automated security policies
  • Enables machines to automatically allow or block according to policies
  • Enables time-of-need security decision making

Bolstering profitability – outsourced managed security services

Lack of budget, talent, and compliance expertise are driving SMBs to seek out MSPs that offer outsourced managed security services (MSS). In fact, the global MSS market size is expected to grow from USD 24.05 billion in 2018 to USD 47.65 billion by 2023, at a Compound Annual Growth Rate (CAGR) of 14.7%. Because of these facts, 2018 is a prime time to get ahead of the competition and grow your services portfolio with MSS.

Benefits of outsourcing
Benefits of outsourcing

Building new recurring revenue streams is key to increasing MSP profitability. Fortunately, working with security vendors that offer a layered and multi-faceted approach to security, with AI and ML, allows you to leverage advanced threat intelligence security services without the overhead of building them yourself. Which, in turn, helps you achieve your financial goals.

What’s more, efficiency plays a big role in profitability and for MSPs, there are never enough hours in the day. An intelligent security approach utilizing AI with automated policy enforcement; malicious IP, website, and file blocking; and phishing protection frees up your security analysts to focus on incident response and more strategic tasks.

Statistic:

  • Only 15% of MSPs offer some sort of security service today, but 62% are looking to add security services to their portfolio in the next 12 months.

Getting started – what are the first and next steps?

Building a cybersecurity practice presents MSPs with an unparalleled opportunity to future-proof their businesses. But how do you get started?

Utilize a Platform Approach Specifically Suited to MSPs
Seek out vendors that offer centralized management integrating all aspects of cybersecurity into one platform through a single plane of glass. If necessary components don’t exist, work with strategic security partners to fill in the gaps.

Employ Cloud Technologies
Cloud-based services are the first choice for SMBs and MSPs due to operational agility and lower up-front costs. Engage with vendors that offer subscription-based pricing models to promote recurring revenue growth.

Consider Specialization
Specializing in verticals is a fantastic way to offer a unique value proposition to your clients. In addition, regulatory compliance is a key factor for SMBs when it comes to choosing an MSP. Industries that require regulation such as retail (PCI), healthcare (HIPAA), telecommunications, oil and gas, finance, and others prefer to engage with MSPs that are experts in the compliance standards required by their businesses.

Leverage Webroot Solutions Powered with AI
MSPs that partner with Webroot have a unique opportunity to leverage
AI-powered solutions to improve their customers’ security posture
– while decreasing operating costs, reducing remedial tasks, and improving cycle time. For over ten years, Webroot has applied the most advanced ML technology in the industry to its cybersecurity solutions. This experience, combined with the collective knowledge of their data scientists and statisticians gives Webroot a distinct advantage in combatting known and unknown threats. What’s more, Webroot’s BrightCloud® Threat Intelligence Services integrate accurate and real-time threat intelligence into network and endpoint protection to protect customers from malicious URLs, IPs, files, and mobile apps. It scans billions of IP addresses and URLs across millions of domains and mobile apps – leveraging ML to classify and categorize each according to the threat it represents to businesses.

Statistic:

  • Machine learning’s super power is that the amount of data it can take it has no limits. Think about it the context of healthcare: what if the best doctors in the world could work on your issue, around the clock? ML can provide that value to cybersecurity.

Source: Webroot White Paper: Generating Profit and Advanced Threat Intelligence