An Autonomous IT-led approach to cyber-defense is the key for organizations to better tackle cyber-threats in the new decade.
By Raghunath S and Sriram Rajan
To ensure data is secure, any organization needs the right combination of skill variety and flawless execution. And Artificial Intelligence (AI) helps make this possible. AI is a game-changer in warding off cyber-threats and shielding critical data, and hence it can be pivotal in keeping cyber-criminals at bay.
Though IT systems typically use a number of automatic processes, they mostly operate sans any real awareness of the IT environment around them. This is bound to change for the better, with more and more organizations looking to reap the benefits of AI-powered autonomous systems.
While AI has been around for years, not many organizations have gone beyond just scratching the surface of tapping into AI’s vast potential, until recently. With the advent of cloud, driving affordable, reliable computing coupled with scalable storage and networking, the application of AI has become more cost-effective. This tech firepower together with the availability of massive datasets to feed models, have now made AI a much more feasible option for applications such as truly useful business chatbots, retail recommendation engines, factory gear, self-driving cars, and the like.
People have started to see some of these AI applications maturing at work. This success has driven up confidence levels across the board that AI can solve real problems, resulting in even more demand for technology.
How Autonomous IT is different
Autonomous IT is akin to a self-driving car – not just spotting obstacles on the road, but going further – like switching lanes to avoid them. Unlike first-generation AI systems, which just spot problems and still require some kind of intervention, second-generation autonomous systems actually act on the patterns they observe. Here’s a classic example. A first-gen AI might evaluate network traffic patterns to see unpatched systems, but it still needs a human admin to intervene and activate/update a patch. A second-gen autonomous AI will not only detect the unpatched system, but it’ll also take proactive action to implement an update – only apprising an admin after the problem has been solved.
Four avenues where the rise of autonomous systems will drive the most impact in the coming months:
Hyper-scale security: Autonomous systems enable organizations to deploy and manage IT environments at massive scale. The number of Internet-connect devices is expected to jump significantly in the new decade. So security at scale is going to become a key challenge that security specialists need to tackle in future. Autonomy helps by fast-tracking such work, performing more consistently, and being better aligned with the organization’s information security policies and priorities.
Navigating the cyber-security talent shortage: The shortage of cybersecurity personnel worldwide is projected to reach 3.5 million people by 2021. Therefore freeing up cybersecurity talent to focus on more important tasks is crucial for enhancing security. Autonomous IT will take on a larger role in patching, configuring and managing the complex hardware and software mix that underlie most systems. In effect, IT teams will be able to increase focus on more strategic efforts and not have to worry about the mundane part of ‘managing IT’. What’s even better is that by virtue of being autonomous systems, these can work consistently, tirelessly – thereby preempting the bulk of the human errors that cyber-criminals look to exploit.
Faster response, greater defense: Based on which industry we consider, the time taken to remediate a breach from when it’s detected, can range anywhere from roughly 3 – 14 months of potentially critical exposure. In the case of autonomous systems, as they manage more of the nitty-gritty of network traffic and data collection and analysis, people will be freed from combing through network logs and can instead devote time and effort to perform high-level, complex system analytics. With more quality time for analysis, and with more context around what data they are analyzing, security practitioners will be able to better identify and address the more advanced threats while speeding up the response time.
Lowering the risks with insiders: Amongst the most persistent, and difficult cybersecurity problems in recent years has been a result of some corporate insiders who misuse their access for data theft or manipulation. Typically, such kinds of attacks stem from the use of root access to the system, originally granted to support basic IT admin and management functions. With autonomous systems capable of performing more of such work, and people concentrating more energies towards broad-based system analytics, the number of people needing such direct access will go down significantly, while reducing the chances of misuse.
Improve cyber-defense to future-proof the business
With cyber-threats increasing in volume and complexity, human defenders need faster and deeper insights into the changing threat landscape. An Autonomous IT-led approach to cyber-defense is the key for organizations to better tackle cyber-threats in the new decade.
(Raghunath S is VP-IT at RXIL and Sriram Rajan is VP-Technology Cloud at Oracle India. The views expressed in this article are of the authors’ own.)