As the shortage of skilled cybersecurity professionals intersects with the change and sophistication of the threat landscape, AI and ML will be leveraged to fill the gaps, according to a new Osterman survey and report. The Osterman report looked at security solutions that offer advanced technology that could be leveraged to replace manual efforts, including artificial intelligence, machine learning, and orchestration, to address the cybersecurity skills shortage.
The threat landscape is expanding with new types of tactics taking advantage of the latest remote working trends. Phishing is the major threat growing faster than all other threats, with a 3000% increase in 2020 since the start of the Covid-19 pandemic.
Today’s threat actors use multiple tactics and speed to evade traditional defenses that rely on domain reputation, blacklists, and human analysis. This legacy phishing protection can’t stop 75% of these new, more sophisticated phishing attacks. Hiring an increasing number of cybersecurity professionals with the right skill set is not a manageable strategy.
Advanced security technology that leverages AI and ML can complement human analysis with automation. The report highlights how AI and ML can reduce the time and effort required by cybersecurity professionals to complete the same analysis. Given the speed and volume of threats, technology can identify many more variables than a person, and the same analysis by a professional would be nearly impossible. AI and ML can scan billions of internet transactions daily using dynamic interactions and simulations that overcome sophisticated evasive techniques by using
- Virtual browsers
- Natural language processing
- Computer vision and behavioral analysis
- Overcomes sophisticated multi-stage attacks
- Ability to detect phishing hosted on legitimate cloud providers and compromised benign websites
All of this provides highly accurate threat detection, so threats are blocked and, therefore, do not need to be reviewed or remediated. Solutions are offered through applications, APIs, DNS RPZ, and extensions, either as a supplement to existing security solutions or independently.
SlashNext addresses this with the broadest range of protection…