Reinventing Prevention: Deep Learning in Cybersecurity
By: Jonathan Kaftzan
In last few years, the number of Infosec vendors increased dramatically. Though as you would expect the security landscape to improve, it is actually doing much worse than in the past. Nearly two-thirds of enterprise players have been compromised in the past year by attacks which originated on the endpoint, according to a Ponemon Institute survey. The report says that figure is a 20% increase year-on-year.
Ponemon Institute showed that costs of a successful attack increased 42% year-over-year – with attacks on SMBs costing an average of $7,120,000 ($763 per endpoint), nearly two times the cost per endpoint for larger organizations ($440).
And, perhaps most astonishing, the survey showed that respondents estimated their current anti-virus platform is effective at blocking only 43% of attacks. This is because these solutions are only effective against known malware.
The report highlighted that the biggest threat to organizations are zero-day and fileless attacks.
The reasons for this may vary, but 2 main reasons are that over 350,000 machine-generated new malware is created daily which makes it almost impossible to have an effective solution against it and because many of these security vendors do not offer actual security. While they may offer data management solutions, BI suites, ways to analyze data, and different post-execution and post-infection management solutions, it is not what real security should be all about.
Prevention vs. Detection
In life, there are situations in which you want (and need) to prevent things from happening. For example, always better to put up an effective wall to prevent an intruder from getting in rather than have the alarm go off when it’s a little too late.
Same goes for cybersecurity.
Originally, the concept of cybersecurity was all about prevention: perimeter security, anti-virus programs – these original security solutions were about prevention, meaning not letting bad things happen or enter in the first place.
The Evolution of Prevention
Looking back at cybersecurity, in the early 1990s, technology was not where it is today. Once hackers realized what they can gain from cybercrime, they ratcheted up their game. The intricacy, impact and scale of their criminal activities quickly evolved. Polymorphic malware and encrypted code caused anti-virus programs to become less effective and that led to an assumption – wrong as it may be -- that it was not possible to prevent malware or unknown attacks.
In a way, the industry started to give up on the innovation of prevention technologies and instead moved into detect-and-response solutions.
However, thankfully, through innovative technology, we can now revive the original concept of what security is and should be about.
Hackers today have all the best technology readily available. So, the security against these worms, viruses, target breaches, IP theft, spyware and ransomware has to evolve, too.
Deep learning in cybersecurity, reinvents and redefines “prevention” to its original classification: The idea that you can prevent attacks from happening.
When you prevent things from happening, you can save resources, costs, damages, time, and your reputation.
Deep learning in cybersecurity is the most promising and most important technology today. Actually, deep learning has revolutionized pretty much every field it has been applied to. Deep learning has advanced AI and computer science by leaps. Deep learning is motivated by a prevention approach, and prevention solutions are the future of cybersecurity.
Real-time prevention harnesses deep learning technologies and provides 20%-30% better results than currently available cybersecurity solutions.
Real-time prevention means producing high detection rates and low false positive rates. Real-time prevention using deep learning in cybersecurity is specifically designed to keep safe any type of device, any operating system, and any file type.
As such, today’s real-time prevention technology is an essential cybersecurity solution to get – and stay -- one-step ahead of the next breach.
To read more about the different approaches over time in cybersecurity, download the whitepaper "Reinventing Cybersecurity Prevention with Deep Learning"