Cetrom Blog - Industry insight from leading cloud provider

How Artificial Intelligence is Reshaping Cyber Security

Written by Mira Bragg | August 19, 2019

Whether it’s Chatbots when we’re shopping for goods or services, facial recognition algorithms, or AI that helps match you with possible jobs on LinkedIn, AI has been steadily creeping into our everyday activities and interactions for some time now.

Many experts believe that AI has the potential to fundamentally change our world in ways not yet understood. In other words, AI is just the tip of the iceberg, so to speak; what we are experiencing now on Amazon or when we unlock our computer with facial recognition is just the beginning.

As we know, advances in technology and machine learning can be used to accelerate the completion of common tasks or to try and solve the most complex problems. And the evolution and rapid acceleration of tech power can be used in the name of good or deployed to achieve nefarious ends.

The world of CPA firm cyber security is no different.

As technology advances, hackers and bad actors find new loopholes and pathways to exploit. As AI flexes its muscles, the cyber world, both the good and bad, gets stronger, more advanced, and increasingly complicated. The power of AI to thwart cyber attacks, be they malware, ransomware or an active, solo hacker, is evolving as this is being written. The bottom line, however, is that human monitoring of any given IT network is doomed to failure: The global reach, non-stop change, and hyper-speed of the cyber security threat matrix is far too much for any one IT person—or even a sizable team—to handle.

“With the pace and amount of cyber attacks, human intervention is simply not sufficient for timely attack analysis and appropriate response,” According to a recent article in the International Journal of Artificial Intelligence & Application. “The fact is that the most network-centric cyber attacks are carried out by intelligent agents such as computer worms and viruses; hence, combating them with intelligent semi-autonomous agents that can detect, evaluate, and respond to cyber attacks has become a requirement.”

Thus, the “intelligent agents” and active hackers must be, at least in part, combated by AI-driven defenses supported by human cyber defense teams. The fact is, IT teams cannot handle the vast and ever-changing threats their networks face.

According to a Forbes’ citation of a recent survey of 850 top executives across seven industries, “56% of senior execs say their cybersecurity analysts are overwhelmed and close to a quarter (23%) are not able to successfully investigate all identified incidents.” It’s clear that executives at large companies that face constant cyber attack threats recognize that deploying AI is critical to defending their data and networks.

However, how to best use AI to defend sensitive client data, protect networks, and, most importantly, avoid the total disaster of a breach like those suffered by Equifax or Capital One, is evolving.

Here are a few ways companies are leveraging AI as they attempt to figure out the best mix of AI and human input to improve network and data security.

AI Network Scanning
That same Forbes story noted that 51 percent of these executives are investing in AI used for detection. Much of detection work is rote, mundane work that’s less than ideal for people and a perfect fit for AI, which never gets bored or tired or careless. AI is a logical solution for improving the speed and accuracy of breach detection.

By and large, the faster an attack or breach is identified the less damage and loss occurs, provided your company and IT team have a solid incident response protocol in place. In this way, AI’s always-on, always-scanning nature not only can reduce vulnerabilities, it also can increase attack response times by allowing your IT team to focus on response rather than everything all at once, including detection. In that way, AI enhances your cyber security program both in detection and response. What’s more, AI tends to have more use cases for detection while response and data analysis are still evolving and being explored for best-practice uses.

Email Scanning
The sheer volume of email activity at a company of any size makes manual, human-led monitoring very difficult, if not impossible. AI-driven email monitoring for phishing emails is consistently more effective than other methods. Having automated, AI-led email monitoring is really the only effective approach to mitigating the biggest cyber security risk of all: an employee willing to open an email and click on a button that opens Pandora’s Box.

AI Trumps Antivirus
Antivirus tools are always lagging behind the pace of existing malware threats. File-based threats emerge and are catalogued by antivirus software as signatures. As signatures are identified, files with matching signatures get quarantined. The problem is that there is a lag between the signature and the ever-changing and advancing methods of malware and hackers. AI can detect threats without the lag as it doesn’t depend on signature updates; AI will look at anomalies and unusual program behaviors as they happen, so there is no gap for malware of hackers to exploit between signature detection and distribution.

If a CPA firm is relying on human monitoring and legacy antivirus software it is simply much more vulnerable to attack.

The Best Solution for CPA Firms Seeking Better Cyber Security
AI for cyber security is evolving and it’s important for CPA firms to understand that AI is not a panacea. For one, AI is a better investment for detection at the moment, as AI’s direct role in response effectiveness is still not clear, either from an effectiveness or return on investment standpoint. On the other hand, a purely human-monitored, antivirus IT security ecosystem is woefully inadequate to defend against modern cyber threats.

The best solution for CPA firms is to find the right mix of a highly skilled and dedicated IT team enhanced by a professional and reputable IT-managed services team that leverages the best AI has to offer.

In May 2019, Cetrom was hit with a Ransomware virus. However, 100 percent of client data was recovered. To help prevent future cyber threats, Cetrom has deployed multiple AI-based security solutions to help protect its clients.

Cetrom can help you and your CPA firm reduce its cybersecurity risk profile. With 24/7 support from tier-3 technicians and geographically dispersed servers, we can help keep your firm up-and-running and safe while you focus on serving your clients. Reach out to us today—we’d love to learn more about your challenges and goals for the 2020 tax season.