The Future Of Cybersecurity: Building Resilient Targets That Defend Themselves

The Future Of Cybersecurity: Building Resilient Targets That Defend Themselves

SUMMARY

Our immune system is like a self-policing, machine-learning mechanism

Enrich the decision engine with 'inside-out' and 'outside-in' intelligence to identify new threats

Artificial intelligence should enable autonomous system remediation and acclimatize of new patterns

Cyberattacks are expected to increase exponentially in volume and sophistication, yet defences remain rudimentary. Overwhelmingly, security efforts by most organizations focus on building strong defensive walls designed to keep malicious actors, viruses and programs out; the reality is that these defensive walls will only last until the attackers find a way to jump over the wall.

Organizations must move towards ensuring their systems, networks, environment and data are resilient and capable of self-defence.

Drawing References From Biology

The battle between the virus and its target (in biological terms, the “host”) has been going on in biological organisms for millions of years. Through evolution, human beings have developed sophisticated defence systems that block external viruses and bacteria and at the same time monitor and attack internal threats.

Just like the Covid-19 pandemic the world is witnessing right now, new virus strains will develop, and over time, the human physiology will develop antibodies to fend off attacks.

Our skin is the first layer of defence, acting as a sophisticated barrier much like a firewall. The skin prevents external threats and can repair itself after an attack. Its capabilities are complemented by the work of the immune system, which acts as a second layer of defence.

Our immune system is like a self-policing, machine-learning mechanism. It monitors the internal environment of the body; defines and learns what is considered normal cell behaviour; and when an anomaly occurs, reacts to it in real-time.

The Future Of Cybersecurity Lies In Self-Defence Systems

While the human body is unable to win every battle against viruses and foreign elements, its self-monitoring, learning and healing capabilities provide insight into how future cybersecurity solutions should work.

The self-defence system should be able to identify abnormal foreign elements, activities, programmes and mal-codes using adaptive machine learning based on an understanding of the normal system, application and data flow behaviour.

The system should also be able to independently restore normal functionality by making foreign elements and malicious programs dysfunctional.

Self-Defence Systems Framework

I see four key elements as fundamental components of self-defence systems. These core elements are essentially the refining of an automated set of rules designed to monitor system behaviour, diagnose potential abnormalities, reactivate the system by removing malicious components and, finally, incorporate new normal/abnormal behavioural patterns into the system.

These capabilities are made possible by increasing the core elements of artificial intelligence, machine learning and predictive analytical technologies.

Monitoring Behaviour

Continuously check against the baseline, enrich the decision engine with ‘inside-out’ and ‘outside-in’ intelligence to identify new threats

Fault Diagnosis

Identification of the abnormal attribute and correlation of situations

Revitalization

Revitalization with state-based revival model by making bad functions, unknown programs and foreign executables dysfunctional

Acclimatize

Acclimatize and immunize by embedding new normal/abnormal patterns in decision-making engines

Technology That Augments The Four Core Elements

Using historical behaviour mapping and analysis, self-defence systems should make real-time recommendations for action to be taken in response to an external ‘abnormal’ event. This is also commonly defined as adaptive machine learning, which would involve:

  • Defining normal and abnormal status (system state capture)
  • Monitoring current system status (system health analysis)
  • Determining “WHO” and identifying the cause of incidents (suspected analysis)
  • Understanding “WHAT,” “HOW” and “WHY” of incidents (content and context)
  • Applying business intelligence to understand threats in the context of the organization’s industry (industry-specific threat co-relation)
  • Identifying and analysing potential systems gaps (asset vulnerability life cycle)

In addition, artificial intelligence should enable autonomous system remediation and acclimatizing of new patterns by:

  • Monitoring and neutralizing abnormal behaviour of all externally introduced files, functions, programs and executables (foreign element neutralization)
  • Creating a virtual environment for foreign elements demonstrating abnormal behaviour (real-time jail boxing)
  • Creating systems’ responses to potential attack scenarios based on threat intelligence (attack vector reply)
  • Monitoring all threats to systems’ assets with active risk mitigation model (threat modelling immunization)
  • Activating real-time risk alert for all applications (system distress management)
  • Co-relating intelligence gathered about systems’ vulnerability and assess the potential for any exploits (vulnerability and exploit correlation)
  • Assessing the possibility of threats based on threat actor behaviour analysis (threat predictive modelling)

In summary, the next frontier of cybersecurity solutions will most probably be self-defence systems that continuously find, respond to and recover from new threats. This type of system will reduce the risk of attack significantly; more important, it will reduce the attractiveness of an organization as a hacking target for threat actors.

Step up your startup journey with BHASKAR! From resources to networking, BHASKAR connects Indian innovators with everything they need to succeed. Join today to access a platform built for innovation, growth, and community.

Note: The views and opinions expressed are solely those of the author and does not necessarily reflect the views held by Inc42, its creators or employees. Inc42 is not responsible for the accuracy of any of the information supplied by guest bloggers.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
UNLOCK 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
UNLOCK 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

The Future Of Cybersecurity: Building Resilient Targets That Defend Themselves-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

The Future Of Cybersecurity: Building Resilient Targets That Defend Themselves-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

The Future Of Cybersecurity: Building Resilient Targets That Defend Themselves-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

The Future Of Cybersecurity: Building Resilient Targets That Defend Themselves-Inc42 Media
The Future Of Cybersecurity: Building Resilient Targets That Defend Themselves-Inc42 Media
You’re in Good company