The role of AI in business is surrounded by anticipation and excitement. From the use of chatbots offering an improved customer experience, to customer data analysis through third party programmes – there is a lot of anticipation around its usages. Machine learning is starting to find its feet within the SMB community, with many businesses already using it in one form or another – some without even realising it.
When it comes to security, AI has been heralded as the answer to our cybersecurity worries. With SMBs increasingly fighting a losing – and often invisible – battle against malware and cyberthreats. By adding an intelligent, machine-based layer to the traditional firewall approach can arm companies with the necessary tools to keep their networks impenetrable.
To make the most of the AI security benefits of AI, it is essential to understand the key aspects that comprise a robust and reliable solution alongside the main areas where AI can make a real difference.
Sandboxing all the way to success
While it might sound like something you’d do on holiday, ‘sandboxing’ plays a fundamental part in supporting businesses to deal with the rising threat of cyberattacks. Combatting cyberthreats is not an exact science and with new variants being developed all the time, it can be hard for IT teams to keep up and for a basic firewall to identify a suspicious file from a safe one. But with 53 percent of midmarket companies having fallen victim to a cybersecurity-based breach, and 40 percent of those experiencing eight or more hours of system downtime as a result , it is essential to keep all threats at bay.
With threats evolving so fast, the ability to immediately identify a file as unknown is the first step in securing the network. Sandboxing can give this reassurance, as it isolates and contains unknown programs in a safe cloud environment for further investigation away from the main network. Behaviour is then analysed, and the threat verified as malicious or not. The benefit of sandboxing is the speed of isolation and incident response which is only possible by using a secure cloud environment.
Sandboxing also ensures that a firewall can continually learn and bolster its defences, by analysing the traffic and files which try to enter the network. This feature means that protection can constantly evolve to remain robust and reliable, no matter what is thrown at the network.
Removing malware concerns
Any solution implemented to secure your company from external threats will only be as successful as the most recent data it is based on. Using a firewall alone to block malware, is like relying on an old umbrella with holes to keep the rain off: it will get through and you will get wet. The only way in which malware can be blocked, is through empowering and updating the defences in place.
In addition to sandboxing unknown threats, your defence strategy needs to be fed up to the minute information and insight in order to block and defy zero-day malware from taking hold. Indeed, research from the Ponemon Institute found that advanced malware and zero-day attacks increased from 16 percent to 24 percent over the past year. By using reliable sources, including feedback from devices, third party data and top ranked threats, the firewall can be optimised to strengthen malware blocking capabilities.
Brushing off the botnets
On top of all threats entering a network via file attachments and malicious emails, compromised websites can also cause significant damage to daily operations. If staff were to carelessly visit a site which has been infected by a botnet or its command and control server compromised, then this could have disastrous consequences for your business.
Your own website is also prime target for attack and key gateway for criminals to infiltrate your network. With SMBs relying on their website as the main sales tool and window into their offering and brand identity, any compromise can be fatal. A data breach or halt to operations can cause reputational and financial damage, which many SMBs might simply never recover from. Indeed, figures from the National Cyber Security Alliance suggest that the cost of a cyberattack can be high enough to put an SMB out of business, with 60 percent of those affected going out of business within six months.
To stop your staff putting the business at risk by unwittingly visiting infected websites, and to keep your own website safe from attack, you need to deploy an intelligent botnet and content filter as part of your firewall defences. This will ensure that all URLs visited by users are checked for cyberthreats, based on local and wider knowledge. If a site is malicious and riddled with malware and botnets, users will be blocked from accessing it.
These examples reflect just a small number of ways in which AI can enhance the overall security landscape; not just in keeping networks safe. It is becoming clear that having a network security solution, such as AI, which can cope with threats of all shapes and sizes. In fact, the only constant in an always-changing cybersecurity landscape is AI.
Thorsten Kurpjuhn, European Security Market Development Manager at Zyxel