ADVERTORIAL: MC SYSTEMS

While a VPN connection will ensure communication between an endpoint and the securely encrypted corporate network, potential risks still exist as persons working from home/remotely may have access to unsecured networks and malicious websites.

Dwayne Brown, senior manager, Cyber Security at The Jamaica National Group says networking and cybersecurity will benefit tremendously from Artificial Intelligence (AI) driven tools such as Web Filtering, Anti-Malware and User and Entity Behaviour Analytics (UEBA), Machine Learning for Process Behaviour, among other strategies.

An endpoint is any device such as laptops, desktops, mobile phones, tablets or servers that communicate back and forth with the network that it is connected to. Cybersecurity, in this case, relies heavily on behaviour patterns to protect enterprise networks by securing endpoints. Artificial intelligence uses breach risk prediction to detect and differentiate between threats and alert security officers. In some instances, AI goes as far as temporarily blocking the user or shutting down the device, ensuring that your work network is not penetrated.

Web filtering

“Web Filtering applies Neural Networks, Markov Chains, Logistic Regression and KNN Classification (algorithm) to mine various logs for URLs, as well as update Indicators of Compromise (IoCs) and reputation. Simply put, the technology stops users from browsing specific URLs or websites by preventing their browsers from loading pages from these sites. Web filters deliver various solutions for individuals and enterprises,” said Mr Brown.

The Jamaica National Group senior manager of Cyber Security said that Anti-Malware offers protection for individuals and businesses by providing a combination of functionalities to scan computer systems to prevent, detect and remove malware, processing millions of samples daily.

“In its simplest form, a sandbox environment is an isolated virtual machine in which suspicious software code can execute without affecting network resources or local applications. This technology runs the suspicious code from unknown attachments and URLs and observes its behaviour. Another great benefit of a sandbox environment is that it examines the files at the organisation and complements the traditional analysis with machine learning,” Mr Brown added.

Web app security

Citing another strategy that can be used to safeguard data, Mr Brown said that web app security uses anomaly detection and thread validation machine learning to monitor application interactions and block unwanted activity.

Turning to UEBA, he explained that it is a holistic way of ensuring the efficacy of IT security, which helps the business to detect users and entities that could compromise your network. This is done using Bayesian probability metrics, recording the usual conduct of users in your systems in order to detect and flag anomalies.

Counteracting attackers who utilise machine learning

Explaining Machine Learning algorithms, Mr Brown said they are often targeted to discover weaknesses in attempts to bypass security mechanisms and to execute malicious activities.

“AI holds the solution! Organisations have a duty to explore intrusion detection system (IDS) solutions,” he affirmed.

Mr Brown further expounded that network protection refers to IDS solutions that (typically) deal with signature-based approaches to predict network parameters and compare them to normal ones. These solutions are extremely valuable to businesses as they classify attacks example spoofing and scanning allowing for easy identification. Useful information and details of the threats are extracted by clustering for forensic analysis.

“Programmes may be easily categorised as malware, spyware and ransomware. One example of how machine learning works in this regard is separating legal file attachments from outliers for malware protection on secure email gateways,” he explained.

Mr Brown said that several application security techniques afford businesses a number of benefits such as clustering user activity to mitigate illicit IT practices such as DoS (Denial-of-service) attacks. As the name suggests, he explained, a denial-of-service attack is one in which the attacker makes a network or machine resource unavailable by disrupting services (once the host is connected to the internet). Machine Learning for application security utilises web apps, databases, Enterprise resource planning (ERP) systems and Software as a Service (SaaS) applications to bolster digital defence.

“Although hackers and attackers are becoming increasingly prolific in their unscrupulous endeavours, AI and machine learning present significant solutions that allow users and organisations to protect intellectual property, digital assets and ultimately, their bottom line,” said Brown.

______

Send feedback on this article to: [email protected]

Source: https://jamaica-gleaner.com/article/business/20211104/advertorial-cybersecurity-and-ai-technologies-should-support-work-home