What Makes a Security Plan?

      Hello, and welcome back to my blog. This week, I would like to quickly discuss the levels that go into making a security plan. These types of plans are an important tool for IT departments and Cybersecurity Administrators to design a plan that will help protect or slow down an attack on the network.     Of course, security plans can vary from company to company; however, their purpose remains the same, with threats looming every day. With IT managers adjusting in response to the ever-changing threats, the created security plan must be designed to stop or slow down any attempt to breach network defenses. Below we will look at the principal components of a security plan and what they entail.    Separate Networks              As the name suggests, having more than one network can protect company assists from hackers and the like. The reason being is that having every computer on one network would lead to issues if that subsequent work were to fail, which would stop operati

The Future of AI and Network Security

         *Below is a paper that I wrote for one of my college courses that discusses the future of AI and how it may affect network security. I hope that you enjoy the information as much as I did research the material. Of course, if you have any insight on the topic or would like something to add that would benefit the paper, please feel free to leave a comment below! 

    Network security has been the focus for many years as data breaches seem to occur regularly. When these events happen, personal information and sensitive company data may get leaked, which could damage a company's reputation or ruin the lives of users. However, what if there was a way to mitigate threats to keep personal information and company information safe from prying eyes? This paper will dive into the world of network security and look at how Artificial Intelligence can assist in keeping a network safe from bad actors. 

Before we begin, let us look at the brief history of Artificial Intelligence and how it has evolved since it was created, too, now. Artificial Intelligence has been around for some time dating back to 380 BC; however, during this time, philosophers were contemplating the idea of human thinking that could be "artificially mechanized and manipulated by intelligent non-human machines." (Reynoso, 2019) In moving forward, pop culture would solidify artificial intelligence in movies, books, and television with Si-Fi stories, which would inspire generations of mathematicians, scientists, and philosophers with the concept of what artificial intelligence would become today. It would not be until the 1950s where Allen Newell, Cliff Shaw, and Herbert Simon would present the first artificial intelligence program called Logic Theorist. Logic Theorist program was specifically engineered to mimic the problem-solving skills of a human being. This would have an impact on the newly developed field of information-processing or better known as cognitive psychology. This and many more papers like it would mold the future development of AI to today. 

Nevertheless, is the purpose of artificial intelligence? Nicholas V. Findler who is the Professor at Arizona State University at The Emeritus College said that "The basic objective of Artificial Intelligence is to enable computers to perform such intellectual tasks as decision making, problem-solving, perception, understanding human communication (in any language, and translate among them), and the like." As AI progress and become smarter, and since it can be applied in almost any industry, imagine how it could be implemented in an area where it could monitor a network in real-time and then alerting IT personnel to report issues that may occur or stop it all together before anything could be compromised. In doing this, networks could become secure as there would be a watchful consent eye on the network, which would help IT professionals address areas that need attention. 

What about Machine Learning? Is it the same as Artificial Intelligence? Unfortunately, Artificial Intelligence and Machine Learning are used interchangeably; however, they do not refer to the same thing. Machine Learning is a subset of Artificial Intelligence, which helps train machines how to learn. In addition, Deep Learning is another subset that in Machine Learning as well. To understand how this would look, imagine three circles, one large circle with a smaller circle within it and then another within the smaller circle. The smallest circle is Deep Learning, which is the evolution of machine learning. It contains algorithms that are roughly inspired by information processing patterns that are found in the human brain. In this area, just the same as we use our brains, deep learning allows AI to identify patterns and various information types. In the circle outside of that is Machine Learning, which allows machines to learn by themselves with the information that has been provided—then followed by the AI that encompasses the two, which we interact with daily. Of course, there are two different Artificial Intelligence types, and they are classified into two groups, general and narrow. General Artificial Intelligence is what can solve complex problems and is what is described above. Narrow Artificial Intelligence can perform specific tasks, such as identifying images and classifying them, which is an example of narrow AI. 

         With all this being said, how can Artificial Intelligence be implemented in network security? Before we go into that area, let us take a look at network security and where it is today, along with the innovations that have been made in that field. When it comes to cybersecurity, a well-run company, regardless of its size, must eventually have to address the issue that cybersecurity will require a large amount of investment. Experts believe that technology based on artificial intelligence and machine learning is where companies need to invest in computers, network security, and data security. (Bocetta, 2019) One of the biggest questions right now is how businesses are structuring their cyber defenses, and how will it change the future now that AI will be used to identify when an attack is imminent? As Bocetta explains in his article, "The majority of legacy cybersecurity tools require human interaction and configuration at some level. For example, a person from the IT department must set the firewall policies and backup schedules as well as ensure that they are running successfully. The advancement of AI changes the whole equation. In the future, companies will be able to rely on smart tools to handle the bulk of event monitoring and incident response. The next generation of firewalls will have machine learning technology built into them, allowing the software to recognize patterns in web requests and automatically block those that could be a threat." (Bocetta, 2019). This would be game-changing. However, the issue of cost comes into question as building the framework for AI could go into the millions as to create such a structure would require a team of experts to build and then train the AI to identify the different types of threats. 

One of the cost-effective solutions would be to invest in hybrid systems, which would contain tools that a human can operate. (Bocetta, 2019) The future of networking looks to be an exciting field as new technology will be implemented, which will be able to survey the Internet so that it would be able to identify threats as they around to occur. This would be a fantastic technology to have as the network administrator of a small or large company would decide if such a threat were to occur. As Bocetta says in his article, "Investing in cybersecurity solutions and tools is a necessary task for businesses of all sizes. Those with smaller budgets may think they can save money by taking shortcuts, but they are often the prime target for hackers for exactly this reason. Cybersecurity products prove their worth in the long run by reducing one's organization's risk and protecting it from dangerous unknowns. The good news is that thanks to advancements in AI technologies, companies will likely not need to maintain large cybersecurity teams within their IT department as the future unfolds. Tools based on machine learning are extremely good at picking up patterns and uncovering incidents before a human user typically would. For now, organizations should pair workers with these next-generation tools in executing a cybersecurity strategy and stay tuned for new AI developments." (Bocetta, 2019) 

            With the current situation around COVID-19, companies found themselves in a peculiar place as working from home became the new way of life. If anything, the pandemic proved a few things regarding the need for a safe and reliable Internet connection, and working from home could be the new thing moving forward. These new revelations bring up the question of how safe the network will be if employees who are working from home and require access to the company network from afar? As many organizations began to shift focus, IT security teams started to switch their attention to deploying enterprise-wide virtual private networks (VPN) and partner with employees to harden their home networks and devices. As remote working has become more common, digital security is changing to accommodate this trend; however, with these changes, innovations are also taking place are quantum computing and Information Technology, and Operational Technology are becoming the same or IT/OT convergence. How is Quantum Computing factored into this conversation? It is being mentioned that with encrypted information over the Internet, a Quantum Computer can easily decipher the encryption, which makes encryption practices obsolete in a matter of minutes. In this case, the public keys infrastructure system can be rendered useless if attacked by a quantum machine. However, one technology is being developed that could counter this issue, and it is called Quantum Key Distribution or QKD. This method uses quantum physics to create an encryption key is could take years for a quantum computer to decipher without having the key to unlock it. However, it is still to be seen when this would come to the mainstream, which could be years down the road. The convergence of Information Technology and Operational Technology is challenging organizations' digital security as in the past; these two departments did not collaborate; however, as time has changed and threats become more prominent, working together can reduce operational cost and reduce downtime, and increase manufacturing output. The reason for the integration is the ever increase in optimization and efficiency. 

            With all this happening today, where is Artificial Intelligence now? Currently, Artificial Intelligence is being used in all parts of life. From smartphones to smart houses, Artificial Intelligence is being used to service the average consumer. Of course, the type of AI is the narrow version, which suits most needs and is used to pull information, sort through photos, classify them, and play music from voice commands. These types of Artificial Intelligence are using algorithms to perform these tasks. On the enterprise level, AI is being used in a more sophisticated manner as AI with the addition of Machine Learning and Deep Learning is being implemented in security software to protect the network better. However, Artificial Intelligence that we work with daily may not be the smartest system currently. Google's DeepMind, which can make connections and reach meanings without pre-defined behavioral algorithms, uses a neural network like that found in the human brain. Of course, this is not on the same level as what is seen on television or in books, but it is getting close. 

            Only time will tell when Artificial Intelligence becomes part of the equation in cybersecurity. However, the question to ask would be Artificial Intelligence, and Quantum Computing be a game changing event that will help keep networks safe? With the help of faster hardware, the software can utilize the advancement and compute at a faster rate. Somewhat like replacing a hard drive with a solid-state drive, speed is what makes or breaks a device or computer. This will apply with Artificial Intelligence as the current hardware is a limiting factor and the coding involved. However, Quantum Computing will allow for faster processing and decision-making, making Artificial Intelligence decision making more comfortable identifying issues in a network security environment. Not only will this increase its capabilities, but it can also make it more human-like. The exciting aspect to this would be when an alert comes down the line to the network administrator. The administrator may not know that the alert came from a real person or the firewall with Artificial Intelligence built-in.

Moreover, imagine having a defense in depth approach where Artificial Intelligence is established in every firewall on the network. Its ability to monitor every part of the network 24/7 would be astonishing. However, Artificial Intelligence is not replacing the IT department as replacing hardware cannot be done on its own. It will be another tool that would help the IT department monitor the network and help identify issues with hardware, such as bad routers or workstations. 

            It is interesting to think that with Artificial Intelligence assisting IT departments monitor a network as futuristic. The one thing to keep in mind would be the ever-increasing threat of data breaches from within the network or outside. Having an AI watching over the network gives a security level that, when an attack occurs, an alert can go out to the network administrator with information of what has been blocked and where it originated. All in the hopes that the IT teams on duty can monitor the situation and react in time to mitigate any damage to the network and its systems. The future does look bright for network security with the addition of Artificial Intelligence. With more innovations in technology, networks could become so secure that it would be impossible to attempt an attack; however, there is still the possibility that attacks could happen from within the business, which still requires the need of best practices of security with employees and contractors to protect company data and customer information safe. 

 

References

 

Azvine. (2020, September 25). The future of AI & cybersecurity. Computer Business Review. https://www.cbronline.com/opinion/the-future-of-ai-and-cybersecurity

Balbix. (2020, August 18). Using artificial intelligence in cybersecurity. https://www.balbix.com/insights/artificial-intelligence-in-cybersecurity/

Cisco. (2019, June 10). The network gets smarter, simpler and more secure with artificial intelligence and machine learning. PR Newswire: press release distribution, targeting, monitoring and marketing. https://www.prnewswire.com/news-releases/the-network-gets-smarter-simpler-and-more-secure-with-artificial-intelligence-and-machine-learning-300864306.html

Heath, N. (2018, February 12). What is AI? Everything you need to know about artificial intelligence.

ZDNet. https://www.zdnet.com/article/what-is-ai-everything-you-need-to-know-about-artificial-intelligence/

Thompson, Li and Bolen. (n.d.). Artificial intelligence, machine learning, deep learning and more. https://www.sas.com/en_us/insights/articles/big-data/artificial-intelligence-machine-learning-deep-learning-and-beyond.html

Bocetta, S, et al. “Is AI Fundamental to the Future of Cybersecurity?” CSO Online, CSO, 12 June 2019, www.csoonline.com/article/3402018/is-ai-fundamental-to-the-future-of-cybersecurity.html.

Anyoha, Rockwell. (2020, April 23). The History of Artificial Intelligence. Science in the News. https://sitn.hms.harvard.edu/flash/2017/history-artificial-intelligence/

Bisson, D. (2020, July 22). 3 Emerging Innovations in Technology that Will Impact Cybersecurity. The State of Security. https://www.tripwire.com/state-of-security/featured/emerging-technology-cyber-security/

Findler, Nicholas V. (n.d.). AI (artificial intelligence) -- a list. Welcome to the Emeritus College at ASU | The Emeritus College. https://emerituscollege.asu.edu/sites/default/files/ecdw/EVoice1/n1%20Findler.htm

Garbade, M. J. (2018, September 14). Clearing the Confusion: AI vs Machine Learning vs Deep learning differences. Medium. https://towardsdatascience.com/clearing-the-confusion-ai-vs-machine-learning-vs-deep-learning-differences-fce69b21d5eb

Reynoso, R. (n.d.). A Complete History of Artificial Intelligence. Learning Hub | G2. https://learn.g2.com/history-of-artificial-intelligence#ai-1

Comments

  1. This post is really awesome. Genuinely i like this blog. It gives me more useful information. I hope you share lots of things with us .Cyber Security IT Courses In Canada

    ReplyDelete
  2. Thanks for publishing such great information. You are doing such a great job. This information is very helpful for everyone. Keep sharing about it support Houston. Thanks.

    ReplyDelete
  3. This content is written very well. Your use of formatting when making your points makes your observations very clear and easy to understand. Thank you. Network Security Test

    ReplyDelete
  4. I am attracted by the presentation of this article. This information about IT Support Services is really good. I really appreciate your work. It is a gainful article for us. Keep posting. Thank you.

    ReplyDelete
  5. I like this article about Network wireless security Canada. I was searching over search engines and found your blog and it really helps thank you very much.

    ReplyDelete
  6. Very interesting and amazing article about Infrastructure network security. I will surely share it with friends. Thanks for sharing.

    ReplyDelete

Post a Comment

Popular posts from this blog

What Makes a Security Plan?

Outsourcing vs. Cloud Computing, a quick look

Public vs. Private Clouds: A quick look at the Pros and Cons