Amit Roy,
EVP and Regional Head, EMEA

Securing The Base

Amit Roy, EVP and regional head, EMEA, Paladion, discusses how AI can boost security for organisations in the Middle East by better detecting, analysing and responding to cyber risks.

What are the main challenges in cybersecurity now, and how can AI help?

Roy: There are three industry challenges which the cybersecurity industry is facing, despite investing in different technologies and models. One issue is how do you detect deeper unknown patterns and threats. With a threat that’s known a human can always put rules and signatures. You can look at it because you know a threat has emerged and you know what is to be done. There are various tools and various prevention technologies which enterprises have been using to handle those kinds of threats, but they still face targeted attacks which are difficult to uncover.

The second challenge is if you take any attack or any compromise globally you would see that, by and large, people come to know about that incident close to within 180 days. So enterprises tend to find out about a breach late, and by the time they have a mechanism to respond, the damage has been done.

Everyone believes that someday or another, they are going to have an incident but what determines whether it is a real breach or not is their ability to detect, respond and mitigate or remediate in time, or did they let it pass without being able to do anything about it.

The third challenge is that while organisations, especially the larger enterprises, have invested in various mechanisms to continuously find out what kind of vulnerabilities exist in a network, they are unable to decide which ones to prioritise and patch. This was part of the problem we saw last year when the Wannacry incident happened. The compromise was well known, but when the incident happened it took everyone by surprise because most organisations took no measures to patch it up.

These are the three practical challenges and they can only be tackled if you use machine learning, deep learning and artificial intelligence, combined with the human brain. That is what Paladion has done.

How have you brought AI into cybersecurity?

While our platform drives enhanced security results at every stage of a potential threat’s lifecycle, we specifically designed it to tackle the three modern security challenges I mentioned above.

First, our AI platform detects unknown attacks that follow unknown attack patterns.

We have built algorithms and statistical models that find anomalous, potentially malicious patterns within user and network behaviour. Our AI platform uncovers these behaviours, and then presents them to our experienced analysts and Threat Hunters.

These human experts utilise these AI-generated enriched alerts to determine if they are witnessing a false alarm, or if they’ve found an unknown threat—with no previous record or signature—emerging within the network.

Second, our AI platform can not only identify an organisation’s vulnerabilities, our platform also prioritises those vulnerabilities, and helps organisations focus on real threats.

We designed our AI platform to give special attention to vulnerabilities with existing exploits. If our platform identifies 10,000 vulnerabilities in your network, but sees that only 1,000 of those vulnerabilities have existing exploits, then our AI will tell you to patch those 1,000 exploitable vulnerabilities before you handle the remaining 9,000 lower-priority issues.

Third, we built our AI to help our clients contain and control their uncovered incidents ASAP.

To do this, we used our AI to build “rule books”, also known as “incident response mechanisms”. These help us quickly uncover threats, and then immediately focus on how to effectively respond to them. Our Machine Learning algorithms allow us to rapidly develop very fast, consistent responses to unknown threats. The result: drastically reduced dwell times.

Excellent. Dubai as a city and UAE as a country has embraced most of the latest technologies for the right reasons.

How is market in the Middle East?

We want to help Dubai on its path to becoming a smarter city and of course, you can only get smart analytics if you embrace AI.

Gone are the days when cybersecurity used to sit in one corner of the IT park. It has become a board level decision. You talk about any strategic initiatives of organisations or for that matter a country and cyber security is in the top two or three. You cannot do that unless you embrace the latest in terms of innovation and AI.

That is where we find our managed detection response service and AI driven MDR service is resonating extremely well especially in this part of the world. It’s not only for enterprise customers, the SME segment can use it. It is cloud ready, easy to deploy and the customer gets seamless and results and outcome based results.

You opened the first AI-driven Security Operations Center in the Middle East in Dubai in April. What was the rationale behind that?

We wanted to invest in the region so that we could be closer to regional customers. From the Command Centre we are providing the detection response mechanism and we are also providing time dissipation services which are more regionally driven. By combining this centre with global command centres, we are able to offer customers the best of both worlds: a regional security outlook with a global perspective.

This article was originally published by VarIndia. It can be viewed on here.