Modern-day enterprise security is like guarding a fortress that is being attacked on all fronts, from digital infrastructure to applications to network endpoints.
Copyright by www.venturebeat.com
That complexity is why technologies such as and have emerged as game-changing defensive weapons in the enterprise’s arsenal over the past three years. There is no other technology that can keep up. It has the ability to rapidly analyze billions of data points, and glean patterns to help a company act intelligently and instantaneously to neutralize many potential threats.
Beginning about five years ago, investors started pumping hundreds of millions of dollars into a wave of new security startups that leverage , including CrowdStrike, Darktrace, Vectra , and Vade Secure, among others. (More on these companies lower down).
But it’s important to note that cyber criminals can themselves leverage increasingly easy-to-use solutions as potent weapons against the enterprise. They can unleash counter attacks against -led defenses, in a never-ending battle of one-upmanship. Or they can hack into the itself. After all, most algorithms rely on training data, and if hackers can mess with the training data, they can distort the algorithms that power effective defense. Cyber criminals can also develop their own programs to find vulnerabilities much faster than they used to, and often faster than the defending companies can plug them.
Humans are the strongest link
So how does an enterprise CISO ensure the optimal use of this technology to secure the enterprise? The answer lies in leveraging something called Moravec’s paradox, which suggests that tasks that are easy for computers/ are difficult for humans and vice-versa. In other words, combine the best technology with the CISO’s human intelligence resources.
If clear guidelines can be distilled in the form of training data for , technology can do a far better job than humans at detecting security threats. For instance, if there are guidelines on certain kinds of IP addresses or websites that are known for being the source of malware activity, the can be trained to look for them, take action, learn from this, and become smarter at detecting such activity in the future. When such attacks happen at scale, will do a far more efficient job of spotting and neutralizing such threats compared to humans. […]