How AI, Machine Learning Will Impact Endpoint Security
… the ability to work through all layers of the network stack and bring them together into a protective scheme with breadth and depth, according to leading security providers.
“One of the most valuable things MSSPs can offer their customers is a layered defense that aligns to a broad defensive framework,” says Nate Jenniges, senior director, corporate device security, McAfee. “This spans foundational hygiene and hardening on devices, all the way through to the most advanced behavioral analytics. Developing and implementing a complete security practice that is rationalized against adversarial techniques is where service providers can really make a difference for their clients.”
How MSSPs Will Use AI, Machine Learning to Impact Endpoint Security
Even as a supermajority of cybersecurity marketplace participants say that they are already using AI and machine learning to impact endpoint security, according to nearly three in four (73 percent) respondents in a recent report on the state of AI in security from Osterman Research, there is still work to do, as report sponsor ProtectWise concludes.
“In its current state, AI is a tool for driving efficiencies and addressing staffing, but it is not going to replace human intelligence any time soon,” says Gene Stevens, CTO, ProtectWise, provider of cloud-based network detection and response. “AI is well positioned to create machine-accelerated humans: an army of hunters and responders who use a wide array of expert systems to help unearth and prioritize critical threats. In the future, AI will become more valuable as the industry develops products that improve ease of use and capitalize on AI’s efficiency differentiators.”
This will go a long way toward addressing the weak link in the cybersecurity chain: people. Not only will AI and machine learning impact endpoint security by uncovering otherwise undetected threats, they will also improve security workers’ knowledge of these threats. But MSSPs need to train their workers to properly exploit this gain in know-how.
“Even though security pros advocate broader use of AI and ML, MSPs and MSSPs should ensure that their user communities are well trained in how to recognize and avoid cybersecurity threats,” says Hal Lonas, CTO, Webroot, the cybersecurity provider. “Training should be specific and repeated frequently to ensure that users are aware of their responsibilities. Threats evolve quickly, so too should knowledge of them.”