The vital shift from prevention to prediction, and how AI cybersecurity enables it

Highly-publicized data breaches at companies, both globally and in the Gulf region, have turned cybersecurity from an IT discussion to a board-level discussion in recent years. Threats including malware, ransomware and exploitation of cloud vulnerabilities, all of which are rife in the Gulf, have become so advanced that it is a question of when and not if a breach happens. The goal now is therefore a cybersecurity solution that can predict, detect and respond to attacks, rather than simply trying to prevent them.

Prediction? Detection? Intelligent, automatic responses? If you think that sounds like a job for modern Artificial Intelligence (AI) and machine learning technologies, well, you’re not the only one.

At GBM, we are currently touring our Security Summit 2018 in Oman, Dubai, Bahrain, Abu Dhabi and Kuwait, to help organizations fully understand the shift from prevention to prediction, as well as the importance of AI in making that shift. We are sharing insights with C-suite guests on industry-specific challenges, AI network security, next-generation security operation centers (SOCs) and other key topics.

We’ve also published a white paper, “Breached or Not Breached?”, with insights from GBM’s 7th Annual Security Survey, a look at the state of cybersecurity in the Gulf, and recommendations for modernizing security with AI.

If your cybersecurity strategy is still focused on prevention, then, why should you consider changing your perspective? It starts with the very real cyber threats to Gulf businesses.

Survey results: a disconnect between belief and reality

Our Annual Security Survey 2018, which drew 610 responses mostly from IT and security managers and professionals, shows that while the majority (79%) of businesses believe they already have effective security in place, almost half (41%) had suffered a security incident in the past year – and the latter only includes businesses who were willing to admit a breach, or had successfully detected one.

• 79% believe their company has an effective security strategy
• 41% suffered a security incident in the past year (15% suffered more than five incidents)
• 31% prioritize detection and response

These numbers suggest a disconnection between how effective Gulf businesses believe their security is, and the reality of the risk to their data and infrastructure.

Security incidents are happening in huge numbers; yet less than a third (31%) of businesses prioritize detection and response over prevention. With the average breach costing US$148 per compromised record, we suggest this needs to change.

Stronger attacks on bigger surfaces

Why are security incidents now inevitable? Because attacks are increasingly complex, structure and sophisticated. Our research shows that:

• Growing cloud adoption has created new attacks surfaces and security risks
• Identity theft through phishing and other scams is a major source of data breaches
• Ransomware that directly extorts money from businesses is on the rise

The 41% of survey respondents who suffered a breach also represent a sharp rise in such incidents, from 28% just two years ago.

When cyberattacks become more sophisticated and effective, the answer is clearly to make your security strategy more sophisticated and effective too. This is where AI comes in.

Predict, detect and respond with AI

AI is not here to replace human security teams. However, given the huge volumes of data that must now be collected and analyzed in order to detect threats – not to mention the growing number of threats – AI is an invaluable tool that adds an extra dimension to security. It takes the pressure off security professionals dealing with this data deluge, and it does this in three ways.

• 62% of our survey respondents are likely to adopt AI security

Firstly, it predicts. With AI watching network traffic, it can learn what is normal and what is suspicious. Today’s sophisticated threats probe the network for weaknesses before making an attack, and AI can identify this suspicious behavior and alert teams to a coming attack before it happens. That’s predictive AI security.

AI detects breaches in much the same way, by monitoring network behavior and spotting suspicious patterns. Breaches are detected earlier, so that damage and costs are limited.

Finally, when AI is integrated with the SOC it can also automate and orchestrate the threat response, acting to re-secure infrastructure and alerting the human team to take further action.

If you would like to learn more, visit our Security Summit 2018 website for details on where you can join GBM experts for sessions and solution demos across the Gulf. Cyberattacks may be inevitable now, but with AI, the damage they do to your business doesn’t need to be.