- Community Home
- >
- Solutions
- >
- Tech Insights
- >
- How AI technology has become a key solution to sec...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Receive email notifications
- Printer Friendly Page
- Report Inappropriate Content
How AI technology has become a key solution to secure digital business
Security breaches are consistently making headlines, and legacy monitoring tools are ill-equipped to deal with the problem. AI technology can help.
With the number of security breaches on the rise and making headlines, comprehensive security monitoring systems are becoming increasingly important. Yet the adoption of distributed networks, workloads shifting on and off public clouds and the burgeoning Internet of Things have made security monitoring increasingly complex and difficult. Traditional security-monitoring tools simply can't meet the challenges they present.
We are also seeing a rise in the complexity of hacks that are super-charged by AI-enabled algorithms and machine learning techniques. There is a clear requirement for security solutions to incorporate AI and machine learning to stay one step ahead of the attackers. This is why many enterprises have begun turning to AI-enabled technologies and machine learning for help.
The shortcomings of legacy monitoring tools
Legacy security monitoring tools are largely based around triggers and alerts. Triggers are mapped to specific types of events, such as an elevation of privileges or the disabling of a firewall. When a trigger is activated, the security software alerts the IT staff. Depending on the nature of the incident, the software might also run a script designed to prevent further penetration.
But it can be difficult to differentiate between a condition that is worthy of an alert and a benign condition that does not warrant bothering an administrator. If a legacy security tool is overly zealous, it will generate frequent alerts that may eventually go unnoticed as the administrative staff succumbs to alert fatigue especially when trying to filter out the โfalse positiveโ alerts. Conversely, a tool that minimizes alerts and that doesnโt identify subtle user and entity behavioral changes indicative of an active attack might overlook a legitimate security incident in process.
Legacy security tools are often unable to detect new never before seen malware variants or new types of advanced cyberattacks so the early stages of an attack may go completely unnoticed. These legacy tools still have an important place yet incorporating AI-based security monitoring tools will help to modernize cyber defenses with sophisticated solutions that close security gaps.
AI technology as a security solution
AI technology can monitor usage patterns and learn what is normal and what isn't. It might be normal, for example, for a particular employee to periodically log into the payroll or industrial control system over a remote VPN. However, if that same employee connects at 3:00 a.m. from a new or unusual location, that might be an indication that a security incident is in process. A monitoring solution that triggers alerts based only on previously known threats might ignore this incident if the intruder had logged in with valid security credentials and did not try to access anything they did not have permissions to view. An attack might not be detected until it is well underway.
An AI-based solution, however, would recognize that this is not normal behavior, and could proactively enact counter measures. Early detection is both critical and a priority. A recent Ponemon Institute study surveyed more than 3,500 IT professionals and found that 70 percent of them place a high value on the ability to detect an attack before it can do damage.
The dangers of IoT
Another reason legacy security monitoring is inadequate for today's complex environments is that such systems generally have littleโif anyโsupport for monitoring the increasing number and diversity of IoT devices. Over the past several years, there has been a number of high-profile attacks targeting IoT devices that clearly demonstrate the vulnerabilities introduced by these network connected devices. The Ponemon study found that IT professionals are concerned about the security risks posed by IoT devices with 60 percent of respondents stating that IoT devices are a threat and less than 25 percent assessing that IoT is secure.
Although the Ponemon study paints a concerning picture of the state of IoT security, it also identifies AI as a potential solution to modern security challenges.
Stop attacks before they happen
There are solutions that can monitor vast distributed networks, secure IoT devices, and detect gestating attacks before they can do significant damage. One such leading solution for performing AI-based security monitoring is Aruba IntroSpect.
Using AI-based machine learning (ML), IntroSpect monitors user and entity behavior and network traffic to detect, prioritize, investigate and respond to stealthy attacks. It establishes a baseline of normal behavior, then monitors activity to detect behavior that might indicate malicious intent. If anomalous activity is detected, a risk-based assessment is made using ML-based threat models and contextual alerts are prioritized so that the security team can deal with the most significant threats first.
With our networks becoming more complex and attackers becoming more sophisticated, with some even using AI themselves, it is necessary to adopt a security monitoring solution that is equipped to cope with modern threats.
AI and machine learningโbased security solutions, such as Aruba IntroSpect, are a necessary tool to secure complex modern environments. To learn more about what your peers think about addressing modern cybersecurity challenges, check out the Ponemon "Closing the IT security gap" survey and report.
Featured articles
- AI by the numbers
- Want to know the future of technology? Sign up for weekly insights and resources
Bob Moore
Hewlett Packard Enterprise
twitter.com/HPE_Servers
linkedin.com/showcase/hpe-servers-and-systems/
hpe.com/servers
- Back to Blog
- Newer Article
- Older Article
- Amy Saunders on: Smart buildings and the future of automation
- Sandeep Pendharkar on: From rainbows and unicorns to real recognition of ...
- Anni1 on: Modern use cases for video analytics
- Terry Hughes on: CuBE Packaging improves manufacturing productivity...
- Sarah Leslie on: IoT in The Post-Digital Era is Upon Us โ Are You R...
- Marty Poniatowski on: Seamlessly scaling HPC and AI initiatives with HPE...
- Sabine Sauter on: 2018 AI review: A year of innovation
- Innovation Champ on: How the Internet of Things Is Cultivating a New Vi...
- Bestvela on: Unleash the power of the cloud, right at your edge...
- Balconycrops on: HPE at Mobile World Congress: Creating a better fu...
-
5G
2 -
Artificial Intelligence
101 -
business continuity
1 -
climate change
1 -
cyber resilience
1 -
cyberresilience
1 -
cybersecurity
1 -
Edge and IoT
97 -
HPE GreenLake
1 -
resilience
1 -
Security
1 -
Telco
108