Data breaches are often caused by malicious hackers breaking into corporate networks with the initial purpose of stealing data or a ransomware attack that could interrupt business operations. However, that has not been the trend this year. In January alone, the Oklahoma Securities Commission was hit badly, and an online casino group lost 108 million records. These, plus other incidents, were all the result of human error. This is just a handful of organizations that have suffered data leaks in January 2019 due to the lack of a password on their servers.
Data fraud and cyberattacks are the number four and five global risks, in terms of likelihood, facing every organization today, according to the World Economic Forum’s 2019 Global Risks Report. Organizations must take security more seriously to retain revenue numbers, reputation and customer/investor trust in their services, according to Gaurav Banga, the CEO and founder of Balbix.
Banga demonstrates how artificial intelligence can be leveraged to proactively avoid data leaks.
Digital Journal: Where are most data privacy threats coming from?
Gaurav Banga: The enterprise attack surface is massive and growing rapidly. All devices, apps and users present in an organization’s environment are susceptible to more than 100 different attack vectors including phishing, misconfigurations and keylogger viruses. , There has been a recent spike of data breaches resulting from misconfigured databases left unsecured without passwords, include data compromises at Ascension, VOIPo and Houzz.
DJ: How vulnerable are businesses to data hacks?
Banga: All businesses are possible targets to data theft from malicious actors or data leaks. However, organizations that gather, store and transmit high-value, personally identifiable information (PII) on consumers, such as those in the healthcare and financial services industries, tend to be targeted the most often.
The enterprise attack surface is massive and growing rapidly. There are millions of permutations and combinations of methods by which the adversary can attack and compromise enterprise networks and monitoring and analyzing the attack surface to improve your security posture is not a human scale problem, leaving all businesses vulnerable to data breaches.
The exposure of PII such as Social Security numbers, dates of birth, addresses, names, drivers license and more can lead to countless heinous and damaging acts such as identity theft, the filing of false tax returns, or applying for loans or credit cards in a victim’s name.
When businesses expose any type of information due to data breaches, they risk permanently damaging their public image, losing customer trust, losing revenue due to an interruption of operations, hurting investor or shareholder trust, and facing fines from data privacy laws.
DJ: Are there any notable cases?
Banga: Marriott International (383 million customer records), Under Armour (150 million customer records), Quora (100 million customer records) and Facebook (50 million user records) were all companies that suffered significant losses of customer information from data breaches in 2018 in terms of the number of records exposed.
DJ: What actions can businesses take in general to defend themselves?
Banga: Traditional methods such as vulnerability assessment or penetration testing analyze less than 5% of the enterprise attack surface. These legacy methods then proceed to produce feedback that is voluminous, unprioritized and often irrelevant. Due to this lack of a viable proactive security strategy; time, effort and money that goes into the unsuccessful detection and reaction to security events is wasted.
To defend themselves, businesses need to approach the security problem by using risk-based vulnerability management platforms that use deep learning and AI to continuously gather and analyze data about the enterprise attack surface. This includes a comprehensive inventory of all IT assets, as well as continuous monitoring across a broad range of attack vectors. All this data needs to incorporate deep context around business criticality of each asset. AI-powered analysis of this data would provide organizations with risk insights and prioritized actions in order to better secure their assets and improve their security posture.
DJ: How can artificial intelligence help in particular?
Banga: Current cybersecurity practice relies on perimeter defenses, signatures, anomaly models, whitelisting and incidence response, and has proven to be largely ineffective in protecting against breaches. This state of affairs is due to the vast attack surface of the modern enterprise IT environment — the myriad of ways in which the enterprise can be broken into. The adversary is able to create new and undetectable malware routinely and inexpensively by finding some vulnerable point in this massive attack surface. Defenders fail to prevent advanced malware from invading the enterprise, and breaches are typically discovered several months after the attack.
AI is ideally suited to meet the most difficult challenges faced by enterprises, including cybersecurity. With 100s of breach methods and the proliferation of devices that comes with digital transformation, organizations can leverage AI to continuously gather and analyze data about the enterprise attack surface and apply business context to produce relevant insights. AI powered systems can continuously predict where and how breaches are likely to happen and provide specific prescriptions — prioritized by business risk — to improve security posture, prevent breaches and improve cyber-resilience.
DJ: How do AI systems learn about emerging threats?
Banga: Advanced AI and deep learning algorithms automatically self-learn new attack methods by analyzing data from internal and external threat data feeds from all applications, users and IT assets including: IoT, cloud, on-premise, mobile and third-party assets.
