If the economic damage of cybercrime were a world economy, it would be in third place after the United States and China. And the prospects of climbing the rankings in the coming years would be pretty good, since we talk an increase of 15% per year to reach an impact of 10.5 trillion dollars in 2025.
It is no surprise that cybercrime is experiencing unstoppable growth and the trend is also confirmed in Italy as it is well told. also in the latest edition of the CLUSIT report. In what is, in fact, a continuous game between cops and thieves, however, one always gets the impression that rhymes can hardly keep up with the seconds.
Trivially, looking at the forecasts on the turnover of the cyber security market, it is expected to reach $ 146.30 billion in 2022 and $ 211.70 billion by 2026. A growing trend, but with absolute values much lower than the criminal counterpart.
A technological struggle
What, however, appears to be an unequal struggle, could find balance thanks to the new generation technologies dedicated to cyber security. The sector, in fact, is one of the most active in the research and development of new solutions ready to fight cybercrime, and over time some particularly effective ones have established themselves. Others, however, are either still in the testing phase, or their adoption is proceeding slowly, either because of costs, or because of the difficulty of integrating them into the usual protection systems.
The guide to choosing the best free antivirus for your PC
Let’s see what state some of the main technologies are ready to give support to the world of cyber security, projecting it towards a new, and more efficient, dimension.
The most widespread and used branch of artificial intelligence seems to have also found a place in cyber security for some years. The issue, if anything, is whether it is a commercial pretext or does it actually offer advantages.
Starting from the assumption that the most effective function of machine learning is to analyze patterns and derive increasingly precise and versatile recognition methods, this technology, in cyber security, is effectively used especially in the field of threat intelligence. Here, in fact, a good technology based on Machine Learning is able to collect huge amounts of data, especially IoC, filter them very selectively and, in fact, offer as a result a clear indication of the type of threat that is likely to face.
One of the most advanced examples, in this sense, you have it with Darktracea solution famous for its speed of intervention and response. Microsoft, for its part, is also using machine learning for its Windows Defender Advanced Threat Protection platform and functions related to detection & response based on behavioral monitoring.
Splunk, one of the leading SIEM solutions on the market, was also among the first to make machine learning its hallmark. And not surprisingly, it uses it in threat intelligence and detection.
This field, however, still has enormous room for development, to reduce false positives, improve performance, and adapt more efficiently to new data sources. In particular, we are increasingly focusing on unsupervised learning algorithms, which work on data without any kind of human inference, effectively automating even more the decision-making process offered by machine learning. Increasingly generous amounts of data require greater automation and this is where the main game is being played in the relationship between artificial intelligence and cybersecurity.
Advanced cryptographic algorithms with proven security, combined with an open consultation model: the blockchain actually presents the distinctive features of technology suitable for cyber security.
Not surprisingly, a lot has been done in this area for some time now. Beyond the effectiveness demonstrated in guaranteeing the security of transactions, and the merit assessments on the fact that vulnerabilities still exist, the blockchain is showing promising potential in ensuring data integrity and in digital identity verification systems.
Philips Healthcare, for example, is using the blockchain to ensure that the health data collected is not compromised. The work to be done in the years to come is to standardize a sector that at the moment appears to be somewhat fragmented on a technological level.
Then there is the issue linked to the diffusion of technology: its integration is not trivial and there are still sufficient specialized professionals ready to deal with it in a critical area such as that of cyber security.
According to a Gartner report, APIs (Application Programming Interfaces) represent and will increasingly represent one of the main points of vulnerability of computer systems. On the one hand, the phenomenon is due to the exponential increase of this convenient interface between different systems.
On the other hand, the race to develop APIs brings with it numerous vulnerabilities, often complex to identify. In a Salt Security study, for example, it emerges that in 2020 91% of the companies interviewed admitted to having suffered cyber incidents where APIs were used in an intrusive way.
Sensitivity to this issue has increased, but little has yet been done in the development of proactive technologies capable of shielding APIs from most of the attacks to which they are vulnerable. And this is one of the main technological challenges that cybersecurity will have to face in the coming years. A challenge to be won with an organic project, which starts from awareness.
Even today, in fact, we are based on obsolete protocols, such as XML-RPC and SOAP, while even the de facto standard, REST / RESTful, is still a protocol that dates back to 2000.
There is therefore, first of all, the need to evolve the protocols, embracing more modern solutions that require a long time before being spread and integrated (GraphQL and gRPC the main candidates).
Then, of course, there is a more technological discourse, mainly linked to the development of new generation WAF (Web Application Firewall) that integrate more effective models of malicious traffic recognition and a non-canonical use of an API.
The integration of a development model that takes security by design into account is progressing quickly, but not as fast as it should. According to an IDC study, the DevSecOps market will go from $ 2.6 billion in 2020 to $ 7.5 billion by 2025. Emergen Research even ventures which will reach 23.42 billion by 2028.
Comforting data, but which show absolute numbers that are actually insufficient and spread over a too long period of time, given the threats related to the vulnerabilities of the code.
Yet, the principles of DevSecOps alone can make an important contribution to the mitigation of security problems. Especially in this historical moment, of generational transition between old and new technologies. According to Unit 42’s Cloud Threat Report, 63% of third-party code used to develop cloud infrastructures contains vulnerabilities or misconfigurations.
By contrast, according to Nico Waisman of the GitHub Security Lab, the ratio of cyber security professionals to developers is 1 to 500, demonstrating that in the world of software production there is a lack of skills to better disseminate and integrate DevSecOps.
And so, if on the one hand the need to reduce the gap is evident, on the other it is necessary to rely on technological solutions that mitigate vulnerabilities in an automated way. This is why, among the new generation of cyber security tools, those dedicated to the automated analysis of the code are included. A field in which great strides have been made but where there is still ample room for improvement.
And here, once again, artificial intelligence comes into play, in particular machine learning, in proposing a broader, faster and more precise search not only of the main bugs, but also of the most hidden ones that can trigger attacks. targeted and devastating.
May 17, 2022 – 12:00
WEBINAR – IT channel: how to increase password-free security for customers
@ALL RIGHTS RESERVED