Cyber attacks are not a new problem by any stretch of the imagination, but they are a rapidly growing threat. As the volume and types of technologies used by businesses and consumers continue to increase, the attack surface (misconfigurations, vulnerabilities, human errors, or other weaknesses that increase the potential for a successful cyber attack) increases exponentially. In this threat landscape, organizations need to rethink their approach to security.
Growing Challenge of Cybersecurity
According to AV-TEST, more than 18,000 new malware samples and/or potentially unwanted applications are identified every hour. This equates to over 400,000 new threats per day. It doesn’t matter how skilled any one person is or how many people make up the IT security team; this volume of threats is simply too large for manual processes or human intervention. Businesses need to be able to automate as much as possible to keep pace.
However, the challenge is greater than scale alone. Even more important is the ability to proactively identify and stop attacks before they happen. Many cybersecurity tools exist to help organizations scale and cope with threat volume, separating signal from noise to identify security events that need to be escalated to the IT security team for response. However, these tools often generate an overwhelming number of warnings and false positives, creating more work for the IT security team rather than stopping attacks.
The problem businesses face is that most cybersecurity services are reactive. The tools they rely on to protect their environment depend on signatures or threat indicators to detect threats. This means that these tools are ineffective against zero-day threats or other unknown threats, because they only detect threats that are already known.
Scaling Cybersecurity with Deep Learning
This is where deep learning can change the game. Deep learning is a branch of machine learning. Machine learning algorithms are great for analyzing data to solve problems, but they have limitations. An article in PC Magazine explains, “Deep learning algorithms solve the same problem using deep neural networks, a type of software architecture inspired by the human brain (although neural networks are different from biological neurons). Neural networks are layer upon layer of variables that correspond to the properties of the data on which they are trained and will be able to perform tasks such as classifying images and converting speech to text.”
Deep learning is a newer field and there are relatively few players who focus on this area. There are few deep learning neural networks and only one is used to address today’s cybersecurity challenges. This deep learning framework is part of Deep Instinct.
I spoke to Guy Caspi, co-founder and CEO of Deep Instinct, about the current state of cybersecurity and how deep learning can change the game. Caspi combines national cybersecurity experience with degrees in math and machine learning to address challenges from a unique perspective to defend against cyberattacks.
Caspi said to me: “What I have seen in the last three years, the sophistication, the complexity, the techniques of cyber attacks, that is in a completely different league.”
He stated that APTs and complex threats can easily bypass most security solutions on the market, and also stressed that most existing cybersecurity tools wait for the attack to take place before reacting, forcing the organization to urgently react to an ongoing security event. Obviously, that is a problem.
Deep Instinct recently released the Voice of SecOps semi-annual report, which found that IT security teams typically take around 24 hours to respond to a cyber event after it is detected. That represents a full day in which activity already identified as malicious persists.
“The idea behind Deep Instinct,” said Caspi, “is to predict and prevent before something gets infected, before something happens on your PC, mobile device, tablet, server or whatever.”
Deep Instinct uses deep learning to be proactive. Caspi described how his solution parses files and vectors before execution and protects clients in “no time”. He explained that speed is critical in today’s threat landscape and that many solutions promise real-time, but real-time is too late.
The Power of Deep Learning
Okay, but what is deep learning really, how is it better than standard machine learning, and how does it improve cybersecurity?
Caspi shared an example to shed some light on this. “If I give you 100 photos of a cat and a dog, you will probably recognize what a cat is and what a dog is with absolute precision. The reason is that you learn and digest so much data in your life that you know and understand what a cat is and what a dog is.”
But how? He pointed out that while people are very good at easily identifying which is a cat and which is a dog, if you ask them to describe three characteristics that define the distinction between a cat and a dog, few people can find one that is clear and would work every time.
It is an ability to recognize subtle differences and make an accurate judgment based on what you have learned from a lifetime of past information.
“This is exactly what we are doing. We mimic the brain and the way we think by exposing the deep neural network to an enormous amount of data, an amount of data that no other machine learning in the world can process, digest and crumble this data to learn and be better every day.”
Continuing the analogy, imagine if identifying a cat or a dog were as reactive as cybersecurity. What if you could recognize gray cats, but a brown cat came along and you had no frame of reference to understand that it is a cat until someone first scanned it and provided you with a signature or flag that allowed you to recognize it as a cat? It seems very inefficient and ineffective.
Proactive Cybersecurity with Deep Learning
Automation is critical to guarding against the sheer volume of threats organizations face, but standard machine learning is too limited and still requires too much tuning and human intervention to achieve the desired results. Deep learning takes it a step further, continuing to evolve and learn over time so that it can preemptively recognize and block threats it has never seen before.