What if You Could Predict the Likelihood of a Hacker Breaching Your Organisation?
Turning (Non-Technical) Heads
Traditionally, one of the main problems with cyber security surrounds understanding, or a lack of. Those with non-technical backgrounds towards the top end of an organisation — typically, the CEO, CFO, and the board of the business — have trouble comprehending the "technical security stuff" and they need something that helps them understand it.
The emerging role of the CISO (Chief Information Security Officer) has gone some way to solve this. These individuals communicate the reality of an organisation’s security situation in a digestible manner to the key stakeholders.
But, what if the process could be automated?
AI in Cyber Security: Predict and Quantify
AI can provide faster and more accurate benchmarking predictions and expected loss costs of cyber events to an individual and groups within companies — in plain English. The technology is a key part of this quantification process.
The Random Forest Model
As mentioned, AI can be used to predict the probability of a hack or a breach — it does this with what Pope calls a random forest model. The ‘random forest’ is made up of lots of decision-trees and each decision-tree has a branch — and the questions that are asked by the model at each of the junctions in that decision tree are based on the characteristics of companies that have had a breach previously.
IT Disruption from a Third Party
AI can also predict the probability than an IT disruption will be caused by a third party, using a "probabilistic graphical model," which is similar to Google’s PageRank algorithm.
Wildfire
This use of AI in cyber security can further help predict ‘wildfire’, cyber quake-type events.
Actions
So what should an organisation do once it’s told the likelihood of it experiencing a data breach?
Pope suggests that in an ideal world, the CFO of an organisation should pick up the phone to their insurance broker and say we’re pretty sure there will be an event; we want to make sure we’ve got adequate insurance coverage for this, and help for when it does happen — immediate response help or breach response.
Conclusion
The role of AI in cyber security will become increasingly critical to mitigating threats. Why? Because of the increasing volume of data relating to this issue. This increasing volume of data is coming from increasing technology being interconnected and exposed. The more technology and interconnection via the internet, the more data and the more difficulty making sense of that data. The only way organisations can do this effectively is with AI.
Frequently Asked Questions
- What is the role of AI in cyber security?
- AI can provide faster and more accurate benchmarking predictions and expected loss costs of cyber events to an individual and groups within companies — in plain English.
- How does AI predict the probability of a hack or a breach?
- AI uses a random forest model, made up of lots of decision-trees and each decision-tree has a branch — and the questions that are asked by the model at each of the junctions in that decision tree are based on the characteristics of companies that have had a breach previously.
- What is the "probabilistic graphical model" used to predict IT disruption from a third party?
- It’s similar to Google’s PageRank algorithm.
- What is the purpose of AI in predicting ‘wildfire’, cyber quake-type events?
- To help predict ‘wildfire’, cyber quake-type events and prevent them from happening.
- What should an organisation do once it’s told the likelihood of it experiencing a data breach?
- In an ideal world, the CFO of an organisation should pick up the phone to their insurance broker and say we’re pretty sure there will be an event; we want to make sure we’ve got adequate insurance coverage for this, and help for when it does happen — immediate response help or breach response.
