Cyber security has taken on increased importance in the last few years due to the high profile nature of global cyber-attacks. It has gone from an ‘after-thought’ of the technology, to a subject which is regularly mentioned by CEO’s as an element of business strength to its shareholders.
To discuss these developments, Paul Byrne, the National Lead of Cyber Analytics and the Director of Cyber Risk Services for Deloitte Australia, sat down with Tech Exec and shared his thoughts on the cyber-security threats facing organisations, as well as the impact that artificial intelligence and machine learning will have on cyber-security in the future.
Cyber Threats are not Stagnant
Just as organisations have had to upgrade their core infrastructure to defend against new challenges, the attackers have upgraded their methods to match this adjustment. Byrne says that the most significant challenge faced today is simply the speed of attacks.
“There has been a significant change in the speed of attacks – criminals are increasingly using automation and sharing techniques and tools. They are continuously innovating and able to bypass traditional rule based detection systems.”
Byrne, who previously served as the Manager of CyberFraud and Security Assurance for nabCERT at National Australia Bank, noted that organisations are struggling to keep up, finding themselves lost in the increased controls and visibilities.
“As a result of this constant pace of development by cybercriminals, organisations have increased the number of controls and visibility of data to detect these attacks. Security teams are becoming more and more overwhelmed with information overload and this risks missing the important alert that could prevent a data breach.”
Security is Front of Mind
Byrne said that the high-profile cyber-security incidents that the world has witnessed recently have certainly increased the awareness of organisations and put it on the radar of the C-Suite executive. He warned that without visibility of their own organisational networks and systems, this focus is often short lived.
“We are seeing businesses taking advantage of Big Data platforms where the use of Cyber Analytics empowers executives to look across all their risks based on their current security controls mapped to their assets. This enables them to gain insights to their cyber risks and make informed decisions of future security spend thus managing this risk effectively.”
He went on to state that simply hiring people to fix the problem won’t work – organisations need to develop an underlying strategy and infrastructure to deal with these attacks now.
“Organisations are responding by looking for more people to work through the issues rather than building a better platform to create these alerts and simplify the investigation of these incidents. We are not giving our teams the tools to do their jobs effectively.”
AI and Machine Learning are the future
Byrne is optimistic about the potential that AI and Machine Learning (ML) present, but stated that he doesn’t necessarily buy into the thinking that both will solve all our problems. He said he sees them playing more of a support role to the existing analysts in place.
“I think of AI and ML more like an advisor to our analysts. We will still need the expert, but AI will help them do their job much better by helping them focus on the details that matter through visualisation, by orchestration of bringing context together with the data and learning new attacks which can be alerted and prioritised appropriately.”
He likened the impact that AI and ML can have on cyber-security to what the military of the United States are trying to do with exoskeletons, in terms of making their soldiers not just 2 or 3 times better, but up to 20 times better.
“I can see AI and ML enhancing our teams to be able to do 20 times more, 20 times faster. I like to think of it as making our security team’s bench strength much higher without the need for massive teams, therefore allowing them to focus on details that matter.”
As National Director Cyber Attack & Response at the Cyber Intelligence Centre, Paul has 15 years’ experience in cybercrime, threat intelligence, incident response, penetration testing, red teaming and social engineering. As part of Deloitte’s Global Incident Response and Intelligence network, Paul develops incident response solutions for key clients as well as penetration testing, social engineering, red teaming, malware analysis, incident management and incident response.
Contact Paul here.