Providing effective cybersecurity measures for your organization is like playing a very serious cat-and-mouse game. If you aren’t familiar with the idiom, cat and mouse is an interaction in which the advantage continually shifts between the contestants. One moment, the cat appears ready to pounce on the mouse, and the next moment, the mouse dodges the advance. Then, the cat blocks the mouse’s path but the mouse jukes and goes the other way.
In the cyberworld, the “game” pits your computing environment—protected by your skilled but overworked security team—against a range of miscreants and nation-state-sponsored actors seeking illicit access to your crown jewels. The stakes are high, and should your team lose a round, you’ll soon learn this is no game at all.
Cybersecurity platforms and tools have been evolving to try to give the good guys a permanent upper hand. Not long ago, security tools compared what they saw against static signatures, a sort of watch list. For example, a perimeter firewall would look at inbound traffic and ask: Does it come from a known malicious sender? Is the payload malware we can identify? Are there any indicators of compromise (IoCs) that concern us?
The key to using signatures to identify malicious traffic and activity is that you have to develop them in advance. The cat has to know that the mouse will always take the left escape route and then plan accordingly. That doesn’t happen in real life.
Continue reading: https://www.forbes.com/sites/forbestechcouncil/2022/07/14/what-to-look-for-in-machine-learning-for-cybersecurity-solutions/?sh=54208092b21e