Few things in the world of computing are receiving more buzz these days than Artificial Intelligence (AI), Machine Learning (ML), the Internet of Things (IoT), and Cloud Computing. Where once these were considered to be bleeding-edge technologies that only the most forward-thinking IT organizations were using, the adoption rates of these solutions are increasing exponentially, and more organizations are incorporating these once bleeding-edge technologies into their IT strategies by the day (so much so that I actually heard a commercial regarding IoT on sports talk radio the other day, but that’s another story).
As the adoption rates of AI, ML, IoT, and Cloud Computing increase, so too will their roles in the future of cyber security. This article will address how the need to defend the rapidly expanding web will fundamentally change both the security tools we use as well as the data center environment itself.
Defining the Challenge
As IoT becomes more and more established, the number of devices and other assets connected to the internet grows exponentially. This inevitably increases the potential attack surface for ransomware campaigns and other types of cyber-attack.
Spotting the signs of an attack or exposing weaknesses in networks obviously requires some form of network data monitoring. However, as connected devices increase exponentially, the sheer volume of network data will quickly overwhelm any manual human attempts to monitor and draw patterns from it over the next few years.
Algorithmic automated systems are a step in the right direction, but also pose their own fundamental challenge: situational awareness. In dynamic, agile networks, conditions simply change too quickly for an algorithm to remain useful for very long. Every time a business deploys a new application, connects a new device, spins up a VM or provisions extra resources, there is a risk of compromised firewall rules, compliance drift and misconfigured devices. Enter stage right, Artificial Intelligence.
As we’ll address below, the (re)emergence of AI, given new life via the distributed and scalable nature of cloud computing, couldn't have come at a better time.
AI, Machine Learning and Deep Learning
Before we look at the role that Artificial Intelligence (AI) and Machine Learning (ML) will play in the future of cybersecurity, it’s worth taking a step back and defining what these terms mean.
Artificial Intelligence is a broad term covering different technologies designed to mimic or replicate human-like intelligence in machines.
Machine learning is a subset of AI which uses a model and data sets to refine the machine's response to its environment.
Deep learning is itself a subset of machine learning. Unlike ML, deep learning involves the machine breaking down larger concepts into multiple smaller nodes, then using these smaller nodes to create a decision tree and build its own model from bottom up. This leads to a more intricate and nuanced model, but requires a lot more data than standard ML.
How AI can Revolutionize Cybersecurity
The superior learning and pattern-matching abilities inherent in Machine Learning will prove to be invaluable in many areas of information security. Some examples include:
- Detecting cyberattacks
- Highlighting vulnerabilities in code
- Spotting and fixing misconfigured devices or software
- Predicting failures
Crucially, AI will be able to cope with the increased data flow from IoT while recognizing patterns that are far too complex or subtle to be recognized by humans.
One fascinating example of this is the Darktrace machine learning information security project which, using the human immune system as its model, learns normal user and system behavior, then flags any deviations or anomalies. In time, Darktrace and other similar projects are expected to be able to instantly recognize new malware, anomalous network traffic, and suspect user behavior.
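The "learn normal behavior, then flag deviations" idea can be shown in miniature. This is an added example, not Darktrace's algorithm or code from the original article: it assumes a simple per-device statistical baseline (median and median absolute deviation, scored with the modified z-score), and the device names and byte counts are constructed.

```python
from statistics import median

# Constructed sample data: (device, bytes sent in one 5-minute interval).
TRAINING = [
    ("thermostat-1", 1200), ("thermostat-1", 1150), ("thermostat-1", 1300),
    ("thermostat-1", 1250), ("thermostat-1", 1180),
    ("camera-7", 50_000), ("camera-7", 52_000), ("camera-7", 48_500),
    ("camera-7", 51_000), ("camera-7", 49_500),
    ("badge-reader-2", 300), ("badge-reader-2", 300), ("badge-reader-2", 300),
]
LIVE = [
    ("thermostat-1", 1220), ("thermostat-1", 51_500), ("camera-7", 51_500),
    ("badge-reader-2", 300), ("badge-reader-2", 900), ("printer-9", 4000),
]

def learn_baselines(records, min_samples=3):
    """Return {device: (median, MAD)} learned from known-good traffic."""
    history = {}
    for device, value in records:
        history.setdefault(device, []).append(value)
    baselines = {}
    for device, values in history.items():
        if len(values) < min_samples:
            continue  # too little history to call anything "normal"
        med = median(values)
        mad = median([abs(v - med) for v in values])
        # A perfectly constant device has MAD 0; floor it so the score
        # stays finite and tiny jitter is not flagged.
        baselines[device] = (med, max(mad, 0.01 * med, 1.0))
    return baselines

def classify(baselines, records, threshold=3.5):
    """Label each observation against its own device's baseline."""
    results = []
    for device, value in records:
        if device not in baselines:
            verdict = "unknown-device"  # never seen during learning
        else:
            med, mad = baselines[device]
            score = 0.6745 * abs(value - med) / mad  # modified z-score
            verdict = "anomalous" if score > threshold else "normal"
        results.append((device, value, verdict))
    return results

if __name__ == "__main__":
    for row in classify(learn_baselines(TRAINING), LIVE):
        print(*row)
```

The same 51,500-byte interval is normal for the camera and anomalous for the thermostat, which is why a single network-wide threshold does not scale as device types multiply.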
The information security software of the future, using Artificial Intelligence, will also be able to move more rapidly from intrusion detection to prevention. For example, AI will learn when to recommend segmenting a network or when to suggest re-imaging a corrupt server.
AI and robotics will also likely have a role to play in securing the physical data center environment, being integrated into DCIM software to monitor for any security concerns (break-ins, compromised cables, unusual technician activity, etc.).
How the Proliferation of AI Will Affect Data Center Colocation
So far we’ve looked at the role AI will play in the future of information security, and how the data center of the near future will need AI to keep information secure. However, the implementation of these robust technologies poses its own unique set of challenges, since compute-hungry machine learning programs are themselves dependent on a reliable, flexible and scalable network.
The deep learning environment will have even more stringent GPU and number-crunching demands due to the vast amount of data needed to seed the machine. For example, deep learning technology requires at least a Tier 4 data center with GPU processing support. Due to these requirements, an onsite data center is unlikely to be able to handle the demands of enterprise-grade AI-driven security software.
This all means that the adoption of AI-driven security strategies will further increase the number of businesses opting to migrate to a cloud-based or hybrid network strategy, since doing so will enable Machine Learning-based security products to draw on the compute power needed to collect and analyze the data coming into the network.
The Rise of the Machine (Learning)
“This all sounds great, but where are we today?” I’m glad you asked. A recent survey of 400 Infosec professionals revealed that 87% of them already make use of AI in one form or another. Furthermore, 74% also said that they believed information security in their businesses would soon become impossible without AI. In light of these results, it’s clear that the demand for machine learning is already strong (and getting stronger by the day).
This demand will continue to accelerate, as the evolution of the Internet of Things and distributed cloud computing is set to increase both the volume and complexity of data being sent into business networks. AI technologies, and in particular machine and deep learning, are developing quickly and are the way forward in keeping enterprise networks secure. Hybrid networks and data center colocation will soon become the default recommendation for in-house IT departments and external cloud consulting services when designing business architectures.
However, machine learning itself will place huge demands on compute power and scalability, something that a traditional on-premises private network will struggle with. This, in turn, will further increase the pressure on IT departments to migrate their infrastructure into the cloud.
To close this with a few clichés, the times are a-changin', and the arrows in the quiver that is IT security are growing by the day. We’re at the dawn of a new era in IT security, one driven by artificial intelligence, and the savvy IT department will embrace this era not only by adopting these technologies, but also by understanding the accompanying infrastructure changes that such adoption may require.
About the Author:
Ben Ferguson is the senior network architect and vice president of Shamrock Consulting Group, the leader in technical procurement for telecommunications, data communications, data center colocation, dark fiber procurement and cloud procurement services.
Since his departure from biochemical research in 2004, he has built core competencies around enterprise wide area network architecture, high density data center deployments, public and private cloud deployments and voice over IP telephony.
Ben has designed hundreds of wide area networks for some of the largest companies in the world. When he takes the occasional break from designing networks, he enjoys surfing, golf, working out, trying new restaurants and spending time with his wife, Linsey, and his dog, Hamilton.