How artificial intelligence will help enterprises fight ransomware and prevent cloud security breaches

Every year, the cybersecurity world faces new challenges and obstacles that businesses need to deal with, and we’re seeing, for example, how 2021 is shaping up to be an incredibly dangerous year. Most notably, ransomware has been a hot topic in the industry following a series of high-profile incidents involving organizations such as Kaseya and the Irish Health Service falling victim.

Additionally, the ransomware attack against JBS Corporation clearly demonstrates the potential severity of supply chain attacks. More broadly, the ongoing shift to hybrid working and rapid adoption of cloud computing also means businesses must re-evaluate their security infrastructure to ensure remote workers are adequately protected.

So, how will the lessons of 2021 shape the cybersecurity landscape in the years to come? Here are five aspects of cybersecurity that will evolve in the near future.

1. Cloud security will face increasing pressure

First, ransomware will turn to stealing and encrypting cloud data. Although this sometimes occurs through attacks on third-party data processors (as we saw Labor Party members' data being held to ransom). Next, we will see that under the "shared responsibility" model, client data will increasingly be directly attacked by ransomware gangs.

2. Take proactive steps to minimize ransomware attacks

In terms of protecting against ransomware, we will increasingly see There will be a public crackdown on ransomware gangs, and formal oversight of information security will increase due to the prevalence of ransomware attacks. However, we will also see that many public sectors are ill-prepared to deal with this threat. Finally, we will see that the consequences of ransomware relative to data loss or breach will be relatively reduced, because human-operated ransomware is detected and stopped before it can successfully explode.

It will become increasingly important for enterprises to have a defense-in-depth security architecture that covers the network and endpoints and can quickly detect and stop these attacks. The focus is on prevention rather than performing time-consuming recovery operations from backups or, worse, having to pay a ransom. Business continuity plans must be constantly adjusted to properly account for the heightened risk ransomware poses to individual businesses, while investing appropriately to prevent and minimize downtime caused by attacks.

3. Enterprises have growing demand for managed detection and response services and automation

In addition to ransomware, although The number of managed security services will continue to grow, but key subsidiaries of organizations will face a shortage of talent in the areas of automation, orchestration, and analyst-augmented artificial intelligence. Businesses will recognize that outsourcing a business environment to an external entity can be difficult and that a few well-equipped and supported internal resources can be more effective than a large number of external resources.

4. More use of artificial intelligence to combat malicious use of multi-factor authentication (MFA)

Another area of ​​concern is around multi-factor authentication Factor Authentication (MFA). Some major tech giants like Microsoft and Google are implementing MFA. This is largely because attackers continue to successfully steal credentials and bypass basic authentication processes. However, while MFA is a step that every company should take - criminals continue to prove that it is not enough to keep them at bay. outside the door. In some cases, criminals are even using bots to help them deal with MFA issues, which will continue to be an uphill battle for businesses. As a result, we will see more enterprises turn to AI-powered security tools to help stop attacks that bypass MFA.

5. Governments and regulators pay more attention to cybersecurity

After multiple attacks on the nation’s critical infrastructure, President Biden The executive order on improving cybersecurity issued in May 2021 aims to significantly improve cybersecurity standards. We expect to see other governments taking an increasingly robust approach to meaningful and effective cybersecurity controls, aiming to be more resilient in the face of serious cyberattacks. Initiatives by UK regulators, such as the Penetration Stress Testing Mechanism (CBEST) in financial services and the TBEST regime in telecoms, which will promote a security threat intelligence-led approach to objectively assess vulnerability to attack, will almost certainly Expand to other key departments.

Always Be Prepared Prepare to ensure you have the best protection against potential threats. To achieve this, organizations should look to implement a detection and response strategy. This often involves using a combination of artificial intelligence and machine learning (ML) techniques to look for these intersectional operations that are authorized but exhibit suspicious behavior, as well as certain behaviors that an adversary will exhibit in launching an attack.

If businesses believe they have been compromised and actively look for signs, they will be in a better position to detect attacks and then stop them before they cause damage.

The above is the detailed content of How artificial intelligence will help enterprises fight ransomware and prevent cloud security breaches. For more information, please follow other related articles on the PHP Chinese website!