IT security teams are under siege by increasingly sophisticated cybercriminals, a rapidly expanding security landscape driven by greater mobility and the internet of things, and a growing shortage of skilled security professionals that is expected to climb to more than 1.5 million in the next couple of years. Throw in a heightened regulatory environment highlighted by the European Union’s General Data Protection Regulation (GDPR), and the result is organizations that are having difficulties ensuring the security of their businesses and their data, according to a report issued by Aruba Networks and the Ponemon Institute. Many companies are looking at technology such as AI and machine learning to mitigate the challenges of IoT security, among many other things.
“Security teams are overwhelmed,” Larry Ponemon, chairman of the Ponemon Institute, told ITPro Today. “They’re overwhelmed because their jobs are shifting. Not only are they dealing with information and data assets, but they’re also involved in making sure that critical infrastructure and emerging technologies are secure. And we see issues like mobility, BYOD [bring-your-own-device], cloud and IoT, and also blockchain are creating a lot of problems--or at least a lot of noise.”
It's not surprising, then, that companies are looking for tools and technologies that can enable them to automate tasks, provide greater visibility into their networks and their environments, be more proactive when dealing with threats, and keep up with threat groups that are well-financed and run like a Fortune 500 firm, Ponemon said. Increasingly, companies are turning to solutions that leverage artificial intelligence (AI) and machine learning, according to the Ponemon report, “Closing the IT Security Gap with Automation and AI in the Era of IoT.”
“It’s about using this technology to keep up with increasing attacks,” Ponemon told ITPro Today. “The majority of our respondents agree that AI and machine learning are essential to detecting attacks on the inside before they do serious damage to the company. It’s helping the companies be more proactive.”
Organizations face myriad security challenges, though a significant one is IoT. The internet of things can drive benefits for companies in terms of revenue, cost savings, efficiencies and customer service, but the increasing number of connected devices located outside of traditional corporate perimeters--while running applications and generating data--increases the attack surface. The IoT also makes visibility, management and control a challenge, ramping up the security threat.
Being able to defend against attacks that use IoT devices as the way in has become a key gap in organizations’ security efforts, according to the report, which is based on a survey of 3,866 security and IT professionals in the Americas, Europe and Asia. More than three-quarters of respondents said their IoT devices aren’t secure, and 60 percent said even simple IoT devices are a threat. In addition, 67 percent said they can’t view or control every IoT or user device, and 55 percent said they are overwhelmed by the expanding perimeters. Forty-nine percent have staff shortages.
IoT security is getting a lot of attention in the industry, as evidenced by a focus on the issue at the Black Hat 2018 show.
IoT devices and mobility also have created another challenge: Few companies have a single person to assume responsibility for IoT security. Thirty-three percent said their CIO was in charge; no other executive--including the CTO or CISO--was named by more than 20 percent. Fifteen percent of respondents said they had no one with broad security responsibility to include IoT.
CISOs “want to continue doing things they can control,” Ponemon said. “But, suddenly, they’re thrust into this role of not only being CISO but also being the security expert for IoT, blockchain and all sorts of different technologies. If you don’t have central control over something like this, it’s difficult to have great security.”
There is growing interest in using AI and machine learning in security, he said. Twenty-five percent of respondents said they currently are using AI in their security environments, and another 26 percent said plan to deploy solutions with AI in the next 12 months. That leaves about half of respondents not using the technology now and with no immediate plans to do so, but that isn’t a huge concern, according to Larry Lunetta, vice president of security solutions marketing for Aruba.
“Machine learning is showing up in a lot of security solutions,” Lunetta told ITPro Today. “Some of it’s valid and some of it’s not, but we’re not too concerned about whether we think organizations are going to be using it. Most of them will be using it just by the virtue of the way security technology is going.”
Among the key benefits of using AI-based security products is reducing false alerts, according to 68 percent of respondents. Other advantages are increased effectiveness by the security teams, greater investigation efficiencies, and the ability to more quickly detect and respond to attacks that have gotten past perimeter defenses and into the IT environments.