AI to improve cyber defense systems
is the headline of the news that the author of WTM News has collected this article. Stay tuned to WTM News to stay up to date with the latest news on this topic. We ask you to follow us on social networks.
Ibermática has raised the level of cyber defense systems thanks to Artificial Intelligence technology. In collaboration with Vicomtech, and through the IT(SIA)² project, it has succeeded in adding a critical component to any enterprise Security Operations Center (SOC), leveraging Machine Learning and Behavioral Analytics to detect threats across the enterprise. attack chain, automatically investigating each alert and building an intelligence map to empower security analysts and speed remediation.
The danger to computer systems no longer lies only in the classic scenarios of data theft or a hacked website, but in the silent threat that lurks below the surface. Attackers are silent, approaching unannounced, and changing data at will or installing attack “devices” ready to be activated. Using custom code, crossing the perimeter boundary only once, and never sending information outward, such threats are nearly impossible to detect.
Against this new reality, existing security systems are failing and many face demise. This is because the traditional approach to cyber security is based on being able to define the threat in advance. The programming of static detectors only allows detecting known threats, so this approach is no longer viable, since it cannot detect new threats or those that deviate from the observed attacks. Furthermore, new digital devices and systems are often so complex and closed that it is often not clear how to even label the data obtained.
Ibermática has raised the level of cyber defense systems thanks to Artificial Intelligence technology
Faced with this situation, the IT(SIA)² project develops Artificial Intelligence algorithms for cyber defense with a focus on detecting malicious behavior and threats that existing systems are not capable of detecting. In this way, it allows combating cyberattacks with greater speed and responsiveness, which are also developing and appearing faster and faster due to the increasing complexity of business networks and connected infrastructures.
The power of Artificial Intelligence
Ibermática achieves with this system a significant increase in detection capacity, understanding of the environment, noise filtering and timely countermeasures when threats are identified, even never seen before. Thanks to the latest advances in machine learning and Artificial Intelligence, it is possible to carry out autonomous response technology development that uses this technology to help carry out human responses.
As explained by Álvaro Fraile, director of the Cybersecurity Division at Ibermática and CEO at ITS Security by Ibermática, “IT(SIA)² allows organizations to build their own immune systems so that they can autonomously catch cyber threats that others ignore, without any human input or bias on what the threat looks like.” “IT(SIA)² would act as a digital antibody. The technology will work by learning the normal pattern for every user and device in the business and take action to detect ongoing threats in real time,” he emphasizes.
This AI-powered technology is defined by its proven ability to detect and contain high-risk threats immediately, without causing business disruption, thus avoiding large financial losses and reducing human costs. “As cyber threats gain speed and severity, this approach could be leveraged to transform even the most complex and vulnerable organization into a self-defensive, resilient digital business,” says Álvaro Fraile.
artificial immune systems
Within the IT(SIA)² project, Ibermática and Vicomtech design, develop and implement algorithms to detect threats and “malicious” behavior by exploiting techniques related to artificial immune systems. At the same time, to combine the analyzes of multiple network behaviors, a comprehensive “picture” of the state of the devices that make up the network is generated. With this vision, the mathematical models of IT(SIA)² can constantly adapt to the information provided by new observations as it becomes available to the system, thus being able to discern significant patterns in the data flows, which are usually indicative of attacks.
Artificial immune systems can integrate a large number of indicators of anomalous behavior to produce a clear and unique measure of threat probabilities, so they can be extremely versatile and provide very valuable information that can be used automatically (taking countermeasures ) or make it easier for human network operators.
The IT Immune System(SIA)² is also a fundamental technology platform for cross-cutting cyber defense (IT and OT). Based on automatic machine learning and artificial intelligence algorithms, it is capable of learning what “normal” activity looks like within industrial networks, “and can identify and respond to emerging threats that would otherwise go unnoticed,” he concludes. Friar.