AI ups the ante for IoT cybersecurity

Securing vast and growing IoT environments may not seem to be a humanly possible task—and when the network hosts tens or hundreds of thousands of devices the task, indeed, may be unachievable. To solve this problem, vendors of security products have turned to a decidedly nonhuman alternative: artificial intelligence.

“Cyberanalysts are finding it increasingly difficult to effectively monitor current levels of data volume, velocity and variety across firewalls,” CapGemini noted in a survey research report, “Reinventing Cybersecurity With Artificial Intelligence.” The report also noted that traditional methods may no longer be effective: “Signature-based cybersecurity solutions are unlikely to deliver the requisite performance to detect new attack vectors.”

In addition to conventional security software’s limitations in IoT environments, CapGemini’s report revealed a weakness in the human element of cybersecurity. Fifty-six percent of the 850 IT and OT executives who participated in their survey said that their cybersecurity analysts were “overwhelmed.”

Technical professionals seem convinced that AI-enhanced security for their IoT environments is a requirement. In the CapGemini survey, 69% of respondents said, “We will not be able to respond to cyberattacks without AI.”

AI is generally considered an umbrella term for various practices, methodologies and disciplines that include machine learning (ML), deep learning, neural networks and other related technologies.

Why IoT Cybersecurity Is Challenging—and How AI Can Help

In addition to size and scope, IoT implementations involve myriad types of devices connecting to their networks. While conventional security apps could focus on Windows PCs or iOS devices or other widely deployed systems, IoT security must grapple with scores of different devices, some old and some new, but each with its own operating systems and particular vulnerabilities.

The high degree of device heterogeneity makes IoT networks prime targets for the bad guys as they troll for weak links they can exploit. “From an attacker’s perspective, it’s much easier to penetrate IoT devices than it is a PC nowadays,” said Derek Manky, chief of security insights and global threat alliances at security vendor Fortinet’s FortiGuard Labs.

The first step in managing an IoT installation and providing a solid foundation for deploying network security is identifying all the devices that the IoT links. In larger IoT environments, this could entail tallying up thousands to hundreds of thousands of sensors and other devices. It could be a monumental undertaking, but AI can help make this task much easier than other methods of discovery and provide more detailed information about the nature of connected devices. And although that might sound more like asset management than cybersecurity, it’s the key step in rolling out effective network security.

To read the complete article, visit IoT World Today.