You are here
AI to the fore in war on cyberattacks
CYBERATTACKS from nation-states may have hogged the limelight, but the startling truth is that most cyber attacks are driven by organised criminal gangs targeting profits.
With such attacks becoming more frequent, more sophisticated - and more damaging to a company's customers and other stakeholders - the traditional "moat-and-firewall" security measures are no longer enough, said Lee Hui Li, IBM Asia-Pacific vice-president for global business partners.
Artificial intelligence technologies and increased collaboration between the public and private sectors will be crucial in the war against cyber crime.
"Like a human immune system, today's cybersecurity defences need to find those attacks that will eventually breach a perimeter, quarantine and remediate them, across an organisation's data, applications, mobile and end-point devices," she said.
Noting that many organisations use up to 50 security products from some 80 vendors, she added: "Non-integrated, point-product security solutions are insufficient."
More attention is being paid to cybersecurity now. The world was caught offguard in May, when a ransomware virus known as WannaCry spread across the globe, disrupting hospitals and factories; it reportedly affected 200,000 victims in at least 150 countries.
Singapore's critical sectors like finance, telecommunications and energy emerged relatively unscathed, but the digital signage in some malls supplied by local firm MediaOnline broke down, and computers tied to some 500 Internet accounts were infected.
Cyber crimes in Singapore nearly doubled in proportion between 2014 and last year, rising from 7.9 per cent to 13.7 per cent of all crimes, a report by the Cyber Security Agency of Singapore (CSA) released in September found.
Some 15 per cent of all cyber crimes in Singapore involve unauthorised access to computer material; 83 per cent involved online cheating.
Globally, the number of records compromised from data breaches surged multiple-fold - from 600 million in 2015 to more than four billion last year, a study by IBM Security involving 8,000 companies found.
Separately, another study last year found that more than half of companies (53 per cent) surveyed suffered at least one data breach in the past two years.
Such breaches are also becoming more expensive for companies; the average cost to resolve them has grown nearly 30 per cent over the past three years to US$4 million.
Worryingly, some 66 per cent of the 2,400 security and IT professionals who responded said they are not confident in their organisation's ability to effectively recover from such an attack.
With four-fifths of all cyber attacks driven by highly-organised crime rings in which data, tools and expertise are widely shared, the public and private sectors need to collaborate more in sharing data in order to fight back more effectively, said Ms Lee.
IBM has opened its collection of security threat data - one of the largest in the world - to the public through its cyberthreat portal, X-Force Exchange.
In Singapore, there are also concerns that while government agencies have accumulated much experience in the areas of cyber usage and security, businesses here are lacking in risk awareness and digital capability.
The government aims to address this through advisories on the website of the Singapore Computer Emergency Response Team (SingCERT), which will warn companies of ongoing online threats and how they can be dealt with.
The Info-communications Media Development Authority of Singapore (IMDA) is setting up a SME Digital Tech Hub by the end of the year to provide SMEs in-person advice on areas such as cybersecurity.
Increasingly, given the amount of data that security analysts need to process, artificial-intelligence technologies (also known as cognitive technologies) will be necessary, Ms Lee said.
For instance, companies on average face 200,000 security events each day. Every year, they spend, on average, 21,000 hours each, chasing false positives.
On top of that, 80 per cent of the world's data is unstructured. This kind of data, including those in blogs, articles and reports, are inaccessible by traditional security tools.
"There are an estimated 60,000 security blogs published each month, and 10,000 security reports published each year," she said. "At the same time, there is a looming security skills shortage, with nearly two million jobs projected to be open by 2020."
Cognitive technologies can address these issues, she said. These can harness the same types of unstructured information that security analysts use; they learn as they go along, recognising terms and making connections between them so that it eventually understands questions and uses reason to provide answers.
Watson, IBM's cognitive system, has been trained in the language of cybersecurity after having been fed thousands of documents to build up its knowledge. The system, officially launched this year, has analysed more than a million security documents over the past year and is now analysing an additional 15,000 each day, said Ms Lee.
Some clients have detected security breaches 50 times faster than manual security analysis in early usage of the system, known as Watson for Cyber Security.
IBM estimates that cybercrime could cost the global economy more than US$2 trillion by 2019, so the cybersecurity business is hardly an elementary matter.
Ms Lee said: "We've had immense interest from organisations right across the Asia-Pacific, with a number of organisations and business partners now beginning to leverage Watson for Cyber Security."