How cyber risk managers can detect something that does not look right

Machine learning – which some brokers use to make chatbots – can also help companies improve cyber risk by flagging abnormal activity.

Machine learning is a type of artificial intelligence, which mimics human cognition and activities, such as identifying patterns. One application of machine learning is natural language processing, which some brokers are using to make chatbots that can take queries from consumers over their websites.

When detecting network security breaches, machine learning and AI can help information security managers find out whether an alert is a real security incident rather than an indicator of a possible incident, Jeremy Hurst, Toronto-based senior manager for Accenture Security, said Monday in an interview.

“Traditional malware detection has been based on known signatures,” he said. “For instance, if there is a virus that is identified in the wild, different vendors will sort of take it into their lab and determine what are the key indicators of that malware having infected your system and then they will update their software packages to be able to successfully identify it.”

The problem is, cyber criminals do not always use “known pieces of malware,” Hurst said.

Cyber risk managers should do “behavioural analytics,” which lets users understand what is normal behaviour on a corporate computer system. When something unusual happens,  “you may say, ‘Hmm, that looks a little bit odd, I’m going to investigate this,’” Hurst said.

“Say you have a user who normally logs into their system every morning at 9:00 am in Toronto and then you see at midnight they are logging into the system from a different country. You might choose to investigate that to see what’s actually going on there.”

Accenture released Sept. 17 its 2018 State of Cyber Resilience study, which is based on a global survey of 4,600 security professionals. Respondents included 150 Canadian executives.

The majority (83%) of survey respondents said technologies such as AI and machine learning “are essential to ensuring the security of their organizations,” Accenture reported. In the survey, 43% of respondents from financial service firms said they are investing in new technologies such as AI and machine learning for cyber defence.