‘Machine learning has revolutionized the cybersecurity industry’

Scott Manson, Managing Director – Middle East & Turkey, McAfee, speaks to Anita Joseph about the regional cybersecurity landscape, different kinds of attacks that organizations face, the advantages of using multiple machine learning capabilities to prevent innovative attacks and the need to restructure existing cybersecurity algorithms.

How would you describe the cybersecurity landscape in the Middle East at the moment?
Companies and Governments want to drive digitization and connect the unconnected for new business productivity and revenue streams. But with digitization, we are increasing the opportunity for Hackers, as the attack vectors grow.

That being said, from my experience, we have a brilliant mix of mature cyber professionals in the region that really understand the threats and the need to invest in services and products, in order to counteract the more sophisticated attacks that are coming in from all over the world.

How has McAfee been at the forefront of the growing cybersecurity landscape? What are some of your newest products and services?
McAfee has been present in the Middle East for over 15 years providing cybersecurity solutions and services to defend enterprises and governments against today’s most sophisticated and malicious attacks.

While we have been traditionally known for our endpoint protection offerings, we have rearchitected a next generation cyber platform, which incorporates machine learning at its core.  We have expanded our portfolio to include solutions for network security, data security, workplace security, web security, server security, and Sec ops.

Furthermore, the latest McAfee MVISION is the first cloud-based product family that protects data and stops threats across devices, networks, clouds (IaaS, PaaS, and SaaS), and on-premises environments.

What are some of the most common attacks that organizations face today?
As organizations in the region and across the globe accelerate on their digital transformation journeys, we are seeing a parallel increase in the number and sophistication of attacks. And while these threats continue to evolve, some of the same attack vectors and mechanisms that we have seen over the past few years, continue to dominate and these include:

  • Advanced Persistent Threats (APTs)
  • Phishing
  • Distributed Denial of Service (DDoS)
  • Insider Attacks
  • Malware (otherwise know as Malicious software)
  • Password Attacks (also known as Brute Force attacks)
  • Ransomware

How do you think we can use multiple machine learning capabilities to prevent innovative attacks?
The rapid development of machine learning, and its big brother Artificial intelligence (AI), is becoming more and more effective, powerful and efficient in performing automated tasks.  Over the next 3-5 years, we well see increased adoption of these technologies across industries, everywhere from manufacturing to software development.

In the cybersecurity realm, these technologies have already proven to be extremely effective in fighting ever-emerging cyber threats.

The facts is that there is simply too much data for human analysts to work through and this is where machine learning-based log processing is uncovering hidden threats.  If we can use machine learning we will be able to address the sheer volume and deluge of data to review, so that we do not miss those hidden attacks.

If we look at government entities the world over, for the longest time they have used systems management tools to help make sense of log data. These legacy systems only provided a partial solution. This is where machine learning-based log processing, has really made a huge difference by fundamentally changing how effective these agencies are at analyzing huge volumes of data — in essence, machine learning-based log processing serves as a multi-layered approach to threat assessment, taking into account a file’s static and dynamic attributes and behaviors, and its relationships with other files to draw deeper context and insights. These extra contexts and insights may include past breaches, unusual behavior that is cause for concern, or potential risk areas that have not been exploited yet, but may still cause a problem in the future.

Machine learning technologies can be “taught” to look for certain trends based on past data models. These templates can be used to find vulnerabilities in current data. Machine learning can also take current data threats and create models to find similar vulnerabilities. It provides a new way to look for potential risks, helping agencies avoid breaches and negate malicious activity.

In short – machine learning has revolutionized the cyber security industry, and will continue to be at the forefront for some time to come.

Earlier, one needed to be an expert in AI to be able to employ it effectively in detecting and preventing threats. But now that technological barriers are breaking down, how do easy do you think AI deployment has become?

While the phrase “artificial intelligence” is undoubtedly misused, the technology is doing more than ever to support the way that industries ― particularly health care, utilities and manufacturing — are evolving.

I believe it is more relevant to talk about “machine learning” rather than AI. This is a subfield of artificial intelligence, and one that has a wider application in the cyber security world.

The deployment of machine learning is becoming easier and easier, with skills being less relevant in this space, as it is an automated paradigm.  This means that while machine learning and certainly artificial intelligence need some skill to be deployed to address a specific business need, once they are programmed and architected for the need, there is very little skill barrier to adoption.  This is perhaps why it has taken off so quickly.

Do you think there needs to be a restructuring of existing processes and algorithms being used in cybersecurity? If so, how?
I do believe that there needs to be a restructuring of existing processes and algorithms in cyber security.  We need to have clear standards to govern and address this new world of automation, AI and machine learning. This will happen as these forms of technology start to become even more pervasive.