Big data and predictive technologies – sometimes called artificial intelligence (AI) – are changing the world. Everyone from Google to your supermarket and hospital is leveraging the power of data to fundamentally transform the way they operate. While the traditional security industry has tended to take a reactive approach towards prevention (rather than a data-driven one), innovative practitioners are now beginning to show the transformative impact big data can have when used intelligently.
In this age of custom malware and targeted advanced persistent threats (such as Stuxnet), slow, resource-intensive security is a big problem. One example was the recent attack on the New York Times. Chinese intruders installed 45 different pieces of malware on the media company’s systems over a period of four months. All this happened despite the presence of traditional endpoint protection, including up-to-date antivirus from a traditional security player which, according to cyber security firm Mandiant, detected just one piece of malware.
We can’t say for certain what was at play in this instance, but it does point to some fundamental challenges with traditional, non-predictive security systems. The faster a bad guy can act, the further behind the good guys will end up. This leads to long delays in identifying new threats and in protecting vulnerable systems. With more time to plan and execute their attacks – and aided by the delay in pushing out protection – cyber criminals are able to compromise many more systems than ever before. In the very worst cases, this gap becomes something the most sophisticated attackers can hide indefinitely.