How AI Is driving a new means of cybersecurity
© Shutterstock / PeterPhoto123
Operational resilience. It’s the ideal every cybersecurity-focused organization strives towards. But in a few years, it might be little more than table stakes — here’s why.
Your architecture needs to be resilient. You need backups. Redundant systems. Automated failover. And you need processes and procedures in place to inform staff of their duties in a crisis.
Within enterprise, these things all go without saying. Operational resilience is the ideal state in cybersecurity — the ability to remain up and running during even the worst crisis is the holy grail that every administrator strives for. But it’s also rapidly giving way to something new, a trend driven by advances in the field of artificial intelligence.
Imagine if you could predict a DDoS attack before it happens. Imagine if you could react, in real-time, to a hacker the moment they tried to penetrate your systems. Imagine if you could immediately halt the spread of ransomware through your network the moment it infected a system.
In the coming years, this will all become possible.
It’s a concept that Summer Fowler, technical director of Carnegie Mellon’s CERT division, refers to as proactive resilience – or “prosilience” for short. That said, prosilience isn’t really a new concept outside of the cybersecurity space. It has roots in many fields and disciplines, including athletics, psychology, and sustainable design.
What makes it unique here, then? Two words: artificial intelligence. Thanks to machine learning, prosilient infrastructure can do more than simply survive cyberattacks and service interruptions. It has the capacity to react and adapt to them; the ability to anticipate risks before they become threats.
Of course, we’re a long way away from self-monitoring, self-healing software and hardware. In a modern context, such technology is expensive to implement — prohibitively so. And we still need to establish the proper metrics and figure out a baseline for efficiency.
Benefits of practicing prosilience
But the gains here are nevertheless clear. Even before the point that systems are able to take care of themselves, proactive resilience becomes a powerful tool in the repertoire of bleeding-edge administrators and security professionals.
By leveraging IoT sensors and big data, teams can more accurately predict and respond to threats, no matter how great or small. By augmenting the enhanced visibility provided by the Internet of Things with the right analytics tools, organizations can monitor and react to trends that represent an emerging threat. By practicing prosilience, businesses won’t simply respond to threats – they’ll preemptively eliminate them.
“If operational resilience, as we like to say, is risk management “all grown up,” then prosilience is resilience with consciousness of environment, self-awareness, and the capacity to evolve,” writes Fowler. “It is not about being able to operate through disruption, it is about anticipating disruption and adapting before it even occurs–a proactive version of resilience…Operational prosilience is not a state; it is an evolving set of characteristics and capabilities.”
Artificial intelligence is entering the cybersecurity space in more ways than one. Prosilient architecture has the potential to change how we think about disaster recovery. Until such time as it arrives, I’d advise you to start working with the data and systems you’ve got.
Start being more proactive in how you manage cybersecurity. Start monitoring your networks and analyzing what data you can. It might not be quite as effective as what I’ve described here, but we all need to start somewhere.
And the sooner we do, the sooner we can move forward.