Cyber-security has never been more important for enterprises. With regulations such as GDPR in force, falling victim to a breach can result in damaging financial consequences. As consumer awareness of data protection grows, many will stop doing business with a brand that’s suffered a breach. As a result, cyber-security spending has increased significantly, with Gartner predicting a 9% rise in 2019 compared to spending in 2018.
However, there were still a number of high-profile attacks in 2019, with 4.1 billion records exposed in the first half of the year. Worryingly, 3.2 billion of these records were exposed by just eight breaches, demonstrating how much damage a successful attack can cause. Big names were hit, including Capital One and Equifax, but smaller companies also suffered, with 32% of UK businesses identifying a cyber-security breach or attack according to DCMS’s Cyber-Security Breaches Survey 2019.
It’s clear that businesses today are continuing to face an unprecedented level of threat that goes beyond simple malware protection and antivirus software, as cyber-criminals become more adept at identifying and exploiting vulnerabilities in networks. At the same time, advances in technology, specifically deep learning, will arm businesses with new weapons to bolster their security infrastructure and stay secure in the fight against cyber-criminals. Here are three ways network monitoring will evolve in 2020.
About the author
Ivan Blesa is Head of Product at Noble.
Intelligent network monitoring
2020 will see organisations move away from legacy approaches to network security, towards intelligent network monitoring powered by deep learning that are more adept at keeping businesses secure in today’s threat landscape.
Traditional approaches to network monitoring rely on feeding historical data into a learning algorithm, so that the system understands what’s considered “bad” and can flag future occurrences to security teams accordingly.
The problem with this approach is that it restricts an organisation’s ability to identify activity that’s not been seen before, meaning any new threats can slip through the net. With cyber-criminals constantly evolving their methods and collaborating with each other to find innovative ways of causing damage, businesses need network monitoring solutions that can keep up.
The power of deep learning to analyse complex situations with a level of detail impossible with traditional approaches, opens new possibilities to tackle cyber-threats previously unseen that try to hide behind the noise of business activities.
Unsupervised deep learning-powered network monitoring allows businesses to create a highly accurate and adapting baseline of normal activities within the organisation. By being very precise in detecting what is normal, if becomes extremely effective identifying unseen threats. As a result, businesses will be able to take a proactive approach to cyber-security, remaining on the front foot against attackers.
Businesses that implement deep learning network monitoring solutions will see their analysts become less stressed and more empowered in 2020. This is because deep learning algorithms have the capability to sift through millions of pieces of data simultaneously, in real-time, performing a level of analysis that’s impossible for humans alone to replicate.
The growth of IoT within organisations has meant thousands, if not millions, of devices now contribute to network traffic, all of which are potential entry points for attackers. Cyber-attacks on IoT devices have already increased by 300% in 2019 and as the volume of data continues to increase, the harder it will be for security analysts to identify threats before damage has occurred.
It’s no surprise that in a recent study, 56% of senior executives think their cyber-security analysts are overwhelmed by the sheer amount of data they need to monitor and analyse to keep businesses secure.
Enterprises that fail to equip their analysts with the right tools will see their overall security posture fall short. No matter how big the security team, there is now so much threat data to sift through that attacks will inevitably slip through the cracks if the right tools aren’t in place. This is compounded by a well-documented cyber-security skills gap. According to one report, 63% of organisations globally reported a cyber-security skills shortage, with more than half claiming this put them at a “moderate” or “extreme” risk of attack.
Companies that empower security analysts with deep learning network monitoring solutions will find that they’re able to focus on the most rewarding part of their job: the investigation and detection of complex malicious activities. As a result, stress levels will fall, productivity will increase, and the overall security of the organisation will be strengthened.
Finally, as companies continue to invest in emerging technologies, such as deep learning, security operations centres will transform into modern SOCs. Gartner has predicted that by 2022, 50% of all SOCs will be considered modern SOCs that have integrated incident response, threat intelligence and threat hunting capabilities.
This will present a number of benefits, including real-time network monitoring and analysis, security analysts that are able to rapidly investigate genuine threats and their cause, and a healthier bottom line, as businesses remove the risk of financial damage caused by security breaches.
2020 will be an exciting year for the cyber-security industry. Businesses will move away from traditional network monitoring approaches and embrace emerging technologies such as deep learning to stay secure. Not only will these give them an all-encompassing view of the network, increasing the chances of identifying seen and unseen threats in an evolving threat landscape, but it will also ensure security analysts are empowered to keep businesses secure through 2020 and beyond.
Ivan Blesa is Head of Product at Noble.