Tu sei qui:

AI & Cybersecurity

Artificial Intelligence is used in cybersecurity to prevent any threats based on data that unknowingly we make available to attackers. Through intelligence analysis on the web also for defensive purposes. Since “the best defense is attack”, it is advisable to gear up in advance by trying to understand the points of vulnerability and where the threats could come from. It is called “Open Source Intelligence“. It arises from a reasoning: the growing amount of information and data publicly available and related to a potential target (such as an individual or an organization) represents a facilitator element for the conduct of effective attacks.

Reversing the perspective, the opposite is also true: developing a clear vision of the type of data and information publicly exposed and relating to your organization (assets, top management, internal personnel, external personnel, teams responsible for the organization’s security, financial information). It represents an enabling factor for the development of preventive and proactive capabilities to combat the threat.

The theme is closely linked to the development of artificial intelligence. That is, algorithmic analysis to prevent any threats based on the amount of data that each of us also unknowingly makes available to attackers while browsing the Internet.

Every employee is an Internet user. He has passions, interests, semantic researches that are more or less unspeakable. Machine Learning allows you to analyze the behavior of each user and network traffic and independently learn what is normal for a user or for network traffic.

Companies can constantly monitor the authentication and access activities of each user, downloads, uploads, data transfers. The models learn on their own based on the activity of each user, they start immediately after installation and thus continue learning better and better and in total autonomy. The more time passes, the more precise the algorithm becomes. Abnormal behavior, based on what each user normally does, is highlighted as abnormal activity. With some cumbersome privacy questions.

How to secure data with predictive algorithms

Painted as the weak link of business organizations: the end-points. These are the remote access points for employees – company PCs, tablets and smartphones – connected to home wi-fi networks. The boom in mobile work, thanks to the structural adoption of smart working, is reconverting the ability of “attackers”, often criminal organizations that derive dizzying income from cyber intrusions.

Thus a more sophisticated coverage capacity is required by companies that reaches the end-points, the terminals for accessing company software via VPNs. What experts call a “virtual machine” is gaining momentum. These are the multi-platform investments of all the big device manufacturers, from Hewlett-Packard to Intel to Dell, from Microsoft to Apple.

Each file is isolated. Kept in a “digital box” to be screened before being stored on a hard disk. Become a virtual machine. Each document is opened and isolated from the PC, protected from possible malware, and then connected to the company Intranet.