Page 103 - Cyber Defense eMagazine April 2021 Edition
P. 103
On the authentication side, AI can reduce risks and stop intrusions before bad actors get into various
systems and cause harm. For example, multi-factor authentication (MFA) programs involve several different
factors and user behaviors. AI comes into play with risk-based authentication, where the AI sets risk scores
that are based on the login attempt context. Another example, a user who typically logs in from home during
business hours would have a different risk assessment than the same user credentials being used at two in
the morning from a different IP address. The AI effectively learns what sets of risks are likely to produce the
right results (successful proper logins) and then adjusts and improves over time until it can reliably predict
an unauthorized login.
Reducing Phishing with Enhanced Intelligence
Into 2021 and beyond there will be an expansion of AI into phishing prevention. In a similar structure to its
capabilities with antivirus and authentication programs, AI can also spot anomalies that point to a phishing
scheme. These anti-phishing programs look for inconsistencies in email message content and metadata.
An AI-informed solution can learn over time how to spot phishing-style language such as urgent requests
(respond immediately with your credit card!) that are likely fraudulent in intent. It can also determine spoofed
email senders, misspelled domain names, and other tricks found in emails that aren’t always spotted by the
human. It’s a context-based dynamic that also considers if the email is part of a string, and if there’s an
established connection between sender and the recipient. Providers can add AI on top of traditional
authentication tools like SPF, DMARC, and DKIM.
Improving Remote Work Security
Security is a key consideration for every firm that moved to remote workforces during the pandemic. A mobile
workforce that can operate from any location with a laptop and Wi-Fi access presents considerable
challenges for IT. Workers are exposed to online dangers but secure search engines and communication
platforms (such as GOFBA) can help mitigate threats. There is also the risk of “shadow IT” where workers go
rogue and pick their own cloud storage or messaging apps instead of the company-approved tools. A training
gap also exists, with many workers unaware of the risks their actions pose to company networks and their
own jobs. AI can help mitigate many of these risks by improving anti-virus tools and other security programs,
and also learning about work from home patterns and then developing contextual risk assessments.
AI and machine learning can improve multiple remote working functions. For example, an AI tool could use
the worker’s laptop camera to note when someone else is in the room. This could then shut down access to
sensitive information or make their screen go blank for a certain period. This feature could be invaluable for
workers and companies dealing with compliance regulations that apply to the usage of certain data sets. AI
is also used in hiring tools such as applicant tracking systems and other HR functions to better screen people
before they’re hired. And employee monitoring tools will also use AI to delivery more accurate
contextual-based results to management about the employee’s daily or monthly activities.
Aiding the Human/Machine Mix
In 2021 and the years ahead, cybersecurity teams should develop a better understanding of AI’s capabilities,
specifically as they compare to human capacity. Current AI tools are improving, but many are still flawed and
do not understand human intuition and motivations. An article in the MIT Technology Review dives deeper
into AI’s limitations, saying “These shortcomings have something in common: they exist because AI systems
don’t understand causation. They see that some events are associated with other events, but they don’t
ascertain which things directly make other things happen. It’s as if you knew that the presence of clouds
made rain likelier, but you didn’t know clouds caused rain.”
103 Cyber Defense eMagazine – April 2021 Edition
Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.