Oracle has released a new whitepaper titled “Machine learning-based adaptive intelligence: The future of cybersecurity”, which talks about the adoption of cybersecurity technologies that are continuous, adaptive, real-time, and intelligent, by relying on artificial intelligence (AI) and machine learning (ML) algorithms.
While there is an obvious increase in adoption of cloud technologies, the security threats are not going away with that same adoption so such services across cloud and on-premises require a new approach to cyber defense.
In its keynote speech at the Oracle OpenWorld 2017 conference, Oracle CTO and Chairman Larry Ellison said, “The way to secure our data, the way to prevent data theft, is more automation. And we need a cyber defense system that automatically detects vulnerabilities and attacks. Fix the vulnerability before an attack. And then, if there is an attack, detect the attack and shut it down”. He also said, “we need new systems. It can’t be our people versus their computers. We’re going to lose that war. It’s got to be our computers versus their computers. And make no mistake: It’s a war.”
The whitepaper argues that while traditional firewalls, intrusion protection systems, and other preventive security technologies are an important part of cybersecurity, they are no match for new threats in the cloud and mobile environments. It continues to say that comprehensive security portfolio should be based on a zero-trust model, with no implicit trust for any user, device, or application, and any form of trust must be established and built into an entitlement model or policy and that same rigorous approach should be applied to the cloud, on-premises, and hosted environments.
The ability to detect a breach and respond quickly to a known attack, now more commonly known as the mean time to detect (MTTD) and mean time to respond (MTTR), are two essential metrics in cybersecurity. Artificial intelligence and machine learning are perfect tools that can correlate events and apply heuristics to detect patterns, trends, and anomalies in the data, including detecting new alerts, adding context to those alerts, and responding quickly to address and resolve incidents, creating an automated cloud security solution that can evaluate millions of patterns and discover suspicious activity.
Machine learning algorithms can scale perfectly to use large volumes of data when deployed in the cloud and an AI algorithm can process that same data to identify patterns, create audit reports, and detect security risk indicators based on pre-defined threat models, baseline risk indicators, abnormal events, and suspicious user activity.
The whitepaper also talks on how AI and ML technology help to further streamline activities in the network and enhance its security.
Some of the key features of such solutions include continuous detection, adaptive responses, risk analysis through identity and
context, trust-based review, and architectural integration, both providing a proactive defenses that protect users, applications, content, and data as well as figuring out how to apply consistent security controls across cloud and on-premises environments.
Of course, the whitepaper focuses on some of Oracle’s own security products which combine contextual identity-as-a-service, a cloud access security broker, security monitoring and analytics, and configuration and compliance capabilities.
The full “Machine learning-based adaptive intelligence: The future of cybersecurity” whitepaper can be download directly from Oracle (possible registration required).