Artificial intelligence could be key to tackling cyber-threats, here's why

• Read original article here

Today, Aurora said, attackers are spending weeks, months and years looking for crucial information inside a network. More worryingly, he said, cyber-attackers are focused on not only stealing the data but also altering them without detection. If an attacker can alter a single row or column of data in a database once a month, undetected, in the long run the consequences can be severe because companies would find it hard to distinguish between real and fake. For example, if electronic medical records are altered without the knowledge of doctors and nurses, it could potentially lead to misdiagnoses that could put patients' lives in danger.

"This is the real scare, to not just a particular industry of a particular size, but to everybody. It is a matter of existence," said Aurora.

That's where Darktrace's artificial intelligence system comes in, with the latest technology offering called Antigena. Once a threat is identified, Antigena automatically responds by taking proportionate actions to neutralize it and buy security teams enough time to catch up. In essence, it acts like a digital antibody that can slow down or stop compromised connections or devices within a network without disrupting normal business operations.

"Human beings are still going to be fundamental, but right now, the kind of attacks — you find it very difficult to figure out and they're so quick that if you look at traditional means, by the time human beings get to respond, it's too late," Aurora explained. The technology has been operational for about a year among early adopters and was made available on a large scale earlier this month.

In February, Australian cybersecurity company Nuix put out a report where they surveyed about 70 professional hackers and penetration testers at last year's Defcon — the global hacking and security conference — to understand their perspective on cybersecurity.

In the report, about 88 percent of the respondents said they could break through cybersecurity defenses and into the systems they target within 12 hours, while another 81 percent said they could identify and take valuable data within the same time frame even when the breach may not be detected for nearly 100 days on average.