Cyber threats and concomitant attacks constitute a growing concern for business organizations globally, irrespective of their size or sector of operation. The cost of cybercrime is immense, to say the least. The global cost of cybercrime is estimated at $11.4 million per minute. Organizations lose approximately $2 every minute as a result of cybercrime. The average global spending on information security per minute is estimated at $235,540 (HelpNetSecurity, 2020). In the United States, the annual cost of cybercrime was placed at 27.37 million dollars in 2018 alone (Clement, 2020). The global cost of by 2021, according to Help Net Security (2020), is predicted to hit $6 trillion annually. Cybercrime magazine (2020) estimates this annual cost toreach$10.5 trillion by 2025 (representing three times what it was in 2015 at $3 trillion. If this were to happen, then the magnitude of the global cost of cybercrime annually would be equivalent to the world's third-largest economy beaten only by that of China and the United States. The most common attacks include; attacks on computers with an Internet connection, record breaches, domain infringements, Magecart attack, spam phishing attacks, insider threats, and hostile nation/state-sponsored espionage and organized crime gang hacking activities (Statista, 2020).Apart from the monetary costs, there are other significant non-financial losses of cybercrime, including a tarnished reputation as well as psychosocial implications on the individuals involved (Antonescu & Birăub, 2015). The statistics are worrisome, and as such, experts in cybercrime in collaboration with the IT departments are devising new techniques to combat, control, avert, and or contain cybercrime. Some of these include biometrics, drones, the Internet of Things, workplace surveillance, surveillance technology, access control systems, and predictive technologies, among others. This paper will focus on predictive models designed to eliminate cyber threats and vulnerabilities before they materialize into actual attacks. The paper will detail how big data analytics and artificial intelligence are incorporated into predictive models to stop cybercrime before it happens.
Surveillance Technologies –2021 Trends
Recent trends and advents in science and technology have clearly shown that there are many factors converging to increase the cyber risk of institutions and business organizations. In fact, no sector is immune. The Healthcare sector is the most affected sector. According to an information security survey by Moore (2020), 75% of healthcare organizations reported having been victims of at least 2 breaches. Personal data (Health data) is highly valuable in the darknet or cyber black market, estimated at $408 per patient record, which is three times more than records in any other industry. Information Technology and telecommunication companies are also largely affected by cyber breaches. Moore (2020) found that 75% of IT and Telecomm firms surveyed reported facing at least 2 breaches in the last year. Government agencies, financial institutions, manufacturing companies, HR and recruitment as well as legal departments (institutions) are other highly targeted. Cyber bad actors are leveraging modern technology to mount attacks on vulnerable cyber systems. Some common attack vectors for cyber bad actors include exploiting weak credentials, insider threats (malicious insiders), missing or poor encryptions, system or network misconfigurations, phishing, spam emails, exploiting trust relationships, DDoS, ransomware, exploiting g vulnerabilities in mobile devices and minicomputers, stealing devices, and modification of legitimate apps.
Delegate your assignment to our experts and they will do the rest.
To combat the deadly scourge of cyber-attacks, companies, governments, and institutions have developed adept techniques to combat cybercrime using novel technologies and procedures. For instance, some countries are using drone surveillance, others are using intelligence-driven Detection & Response, awareness and sensitization campaigns for employees, use of anti-virus, firewalls, and intrusion detection systems, as well as the use of protective and prescriptive analytic models that incorporate machine learning, big data analytics, and artificial intelligence. The latter will form the chief focus of this discussion since I am of the opinion that, use of Predictive Models to Eliminate numerous cyber Threat Vectors that incorporate artificial intelligence and data analytics is the next big thing in eliminating or containing cybercrime.
Understanding Predictive Analytics and Its Application in Cyber Warfare
Predictive analytics refers to the use of statistical techniques, modeling techniques, and data mining to predict future events or performance. In layman's terms, predictive analytics is simply Technology that learns from experience (data) to predict future behavior in order to drive better decisions. Predictive analytics has existed for many years. However, it is only now that it has gained prominence after the discovery of its inherent value. Many organizations are turning to predictive analytics to boost their financial output, gain competitive advantage, and, most importantly, protect themselves from risks and uncertainties that are detrimental to their organizations. Some chief reasons why predictive analytics have gained more prominence in recent times as opposed to decades ago include; [1] increase in the volumes, veracity, value, and variety of data, which has sparked organizations to use this big data to produce valuable insights; [2] availability of faster, cheaper and more accessible computers and mobiles devices; [3] development of easier-to-use software; and [4] the prevailing tough economic conditions which have precipitated the need for competitive differentiation by organizations seeking to dominate or tower over their immediate competitors. Needless to say, as interactive and easy-to-use software becomes more prevalent and more available, predictive analytics thus migrates from being just the field of mathematicians and statisticians to extensive usage in other fields such as business analytics, cybersecurity, manufacturing, among others (Lu et al., 2017).
In contemporary settings, predictive analytics has employed machine learning and artificial intelligence to improve the accuracy of the predictions. Data mining uses visible patterns to make decisions. Some main examples of predictive analytics include Classification, Clustering, Association, drill-down analysis (Makes data smaller and smaller until the answer is found), and Outlier detection. Factor analysis is also an important technique which entails first reducing the number of variables and second detecting the structure in the relationships. Forecasting similarly is a predictive analytics technique that involves making statements about events whose actual outcomes have not yet been observed. Linear regression, as a predictive analytics model, attempts to model the relationship between two variables by fitting a linear equation to observed data. In Predictive Analytics, algorithms are statistical procedures or forecasting models that help in defining the prediction/ output. Machine learning and artificial intelligence improve the efficacy of algorithms by a great margin. Predictive analytics relies heavily on data-driven knowledge in making predictions. This means that the accuracy of predictive models is also determined by how accurate the data (feed) is. In conclusion, predictive analytics involves a variety of techniques from statistics, modeling, machine learning, artificial and data mining, which help in determining some future occurrences, and as such, would be instrumental in predicting cyber-attacks before they actually occur. Some organist ions use Statistical Analysis Systems software, which is a program suite developed to combine advanced analytics, business intelligence, data management, and predictive analytics. In today's world, predictive analytics is used in the detection of fraud, optimization of market campaigns, improving performance and operational efficiency, as well as reducing risk to an organization.
Understanding Artificial Intelligence and Its Role In Cyber Security
Artificial intelligence is a discipline in the larger computer science that seeks to build machines that have the capability of performing tasks in a similar or more sophisticated manner as seen in human beings. With artificial intelligence, machines can perform tasks that require human intelligence. Artificial intelligence (AI) is multidisciplinary and has advanced with advancements in machine learning and deep learning technologies. AI is disrupting virtually every sector in today's global economy, from transport to healthcare, to manufacturing, to governance, used in media, media, entertainment, and even agriculture. The Turing test is used to test whether or not a machine is acting intellectually or humanly. The criteria to satisfy are that the machine must think humanly, act humanly, think rationally and/or act rationally; that is, a machine must replicate how a human thinks about problems and follow this process; a machine must only be concerned with delivering the same results as our thought process; a machine must encode Knowledge in formal logical statements, and the machine should use mathematical deduction to perform reasoning, and finally a machine must Create rational agents that perceive their environment and execute actions that manipulate the environment in such a way as to achieve a goal. Today, Artificial intelligence is widely applied in marketing, banking, and finance, autonomous vehicles, gaming, healthcare, chatbots, astronomy, research, healthcare, agriculture, quantum computing, and, most importantly in cybersecurity. Some Examples of AIs that are in use today include; Amazon's Alexa, Apples Siri, Tesla, Microsoft's Cortana, Google assistant, Cogito, Netflix, Pandora, Nest, John Paul, Boxever, Amazon, and IBM's Watson (Castro & New, 2016).
The Role of AI in Predictive Analytics
AI theory holds that machines can perform cognitive tasks that typically require human intelligence to perform, such as voice, speech and text recognition, translation, visual perception, and problem-solving skills. AIs are able to perceive their environment and take actions appropriately. Predictive analytics, on the other hand, is a dynamic process that involves the mining of big data collected by machines through the use of models to predict or forecast future trends. Organizations today are making massive investments in AI and Predictive Analytics, which, when combined, provide better customer experience, eliminate operational bottlenecks, increase performance, among other uses. For example, in healthcare, Predictive analytics, in combination with AI, is used to solve problems of health status deterioration in patients. By feeding large amounts of patient's historical data, Ai tools within the model can be able to predict changes within the patient that may be fatal. Predictive analytics that incorporates AI thus improve patient outcomes are reduce medical errors that may be inherent in physician incompetence and lack of constant care. Similar to healthcare, predictive analytics is the future of cybersecurity. AI-based predictive analytic models are the future of cybersecurity. This is discussed at length in the subsequent section.
Using AI-Based Predictive Analytic Models to Eliminate Cybersecurity Threat Vectors
Numerous security metrics have been implemented in the past to protect computer networks, infrastructure, and systems (Abraham & Nair, 2015). However, there exists paucity in techniques to accurately measure security risks that organizations face taking into account the ubiquitous attributes linked with vulnerabilities that change over time. AI-based predictive analytics, in my view, is a potential game-changer that brings along with it a paradigm shift from traditional reactive cybersecurity to proactive cybersecurity. One especially promising aspect here is that machines can be taught to do it automatically and more efficiently using AI (Ongsulee et al., 2018). Indeed, the development of a Predictive analytical approach to cybersecurity has already become inseparable from Artificial intelligence. Prevention is always better than a remedy when it comes to matters to do with cybersecurity. No standalone organization wants to face the debilitating costs of a cyber breach or attack.
The operation of predictive models is relatively simple. During a cyber-attack, anomalies are created within the network or system logs. This is similar to how a criminal leaves DNA evidence at the crime scene. A skilled analyst and expert in predictive analytics use the information generated by these anomalies to identify attack patterns. Using these patterns, algorithms are created to fish out these patterns and flag them whenever they are identified. This way, an attack will be prevented before it materializes. As Cyber bad actors become more adept in their cyberattacks, organizations too should rise to meet these challenges, and the way to do it effectively is through the use of predictive analytics.
There are three main ways in which AI-based predictive analytics have improved Cybersecurity. First, it is true from historical occurrences) to assume that to be forewarned is to be forearmed. With the growing risk of cyber breaches, effective control of these threats requires a more proactive approach. Organizations deploy predictive models which, with the help of AI tools, are able to crunch big data, identify patterns, and concomitantly detect anomalies in real or near real-time to close the loopholes before the data is stolen or compromised. The advantage with AI-based models for predictive analytics is that they not only inform response teams of where the attackers have tried to breach it also informs them of the location, they are likely to hit next, as well as the system's or networks' weak points, and how effective the already established countermeasures will be against this threat. Organizations that leverage predictive analytics essentially create a roadmap by which their IT incident response teams can use to investigate the moment AI flags something that seems out of the ordinary. The organization is able to stay one step ahead of the attacker well in advance to stop them before they attack.
Next, AI-based predictive analytics overcome the challenge of working with enormous pools of data. Human intervention alone is inadequate when dealing with big data from programs, databases, mobile devices, and other sources. Predictive analytics thrives on big data. The more comprehensive the input data is, the more accurate the predictions will be. Finally, a predictive analytics model combined with AI and machine or deep learning allows easy manipulation of data to filter out crucial insights in a rapid fashion. Automation of these workloads takes much of the pressure from response teams, whose only task now is to accurately and expertly interpret the patterns and findings from the analysis. Much of the work, that is, data collection, data collation, compilation, filtering, and analysis, is done automatically with the Aid of the AI tools. This means that the IT department will focus solely on result interpretation, identification of potential threats, and system protection, which is far removed from the other tedious processes that would have otherwise bogged them down, allowing for the breach to happen.
The speed, scope, and granularity of AI-based predictive analytics facilitate accurate prediction of cyber-attack vectors and containing them before they occur. These models pinpoint the attack vector and can extend further to detect suspicious patterns, new trends, metrics, and indicators of cybercrime. By combining AI with predictive analytics, organizations and institutions are able to generate insights on the potentiality of an attack or the severity of the vulnerability for a cyber breach. Using this information, models can be created to arm the organization against an attack. Far removed from the traditional signature-based cybersecurity solution, the current self-learning predictive analytics and anomaly detection models monitor activities across multiple networks and real-time data streams to detect specific threats before or as they occur without having specific prior knowledge of the exact signature. The models are automated, meaning that they detect networks and data flow anomalies immediately with minimal false positives.
Conclusion and Reflection
Predictive analytics alone cannot fully guarantee an accurate forecast of potential cyber-attacks. However, coupled with artificial intelligence and the right machine learning solution, there is a near-perfect chance to harness the full potential of predictive analytics (Davenport, 2018). Cognitive pipelining automates the tedious processes in predictive analytics, which results in the accelerated ability of the analysts' ability to discover or detect malicious traffic in real-time, and thus institute measures to control the breach before it happens. Anomalous outlier detection model provided by machine learning is an example of how machine learning can enhance predictive analytics. In conclusion, therefore, the use of predictive analytic models coupled with artificial intelligence allows organizations to move beyond the cumbersome signature-based models, which allow users to detect with high confidence levels new threats that have not been witnessed in the system before. The current generation of cyber protection should therefore use cybersecurity solutions that are divorced from the asset under protection in order to catch the attacker in advance of the actual attack on protected resources. This is enhanced by AI-based predictive models, which, in my view, is the next big thing in cybersecurity. The introduction of artificial intelligence and data analytics into predictive modeling will determine threat vectors and shut them down before they even start. In essence, AI-based predictive analytic solutions have been instrumental in overcoming the weaknesses inherent of the traditional Signature-based Intrusion detection systems, which can be analogized to alarm systems that go off after the bugler is done with their job.
References
Abraham, S., & Nair, S. (2015). Predictive cyber-security analytics framework: A non-homogenous markov model for security quantification. arXiv preprint arXiv:1501.01901 .
Antonescu, M., &Birăub, R. (2015).Financial and non-financial implications of cybercrimes in emerging countries. Procedia Economics and Finance , 32 , 618-621.
Castro, D., & New, J. (2016). The promise of artificial intelligence. Center for Data Innovation , 1-48.
Clement, J. (2020).Average annualized cost of cyber-attacks on companies in selected countries in 2018 (in million U.S. dollars. Retrieved November 23rd, 2020 from https://www.statista.com/statistics/293274/average-cyber-crime-costs-to-companies-in-selectedcountries/#:~:text=In%202018%2C%20the%20average%20annualized,to%20attacked%20companies%20per%20year .
Cyber Crime Magazine. (2020).Cybercrime To Cost The World $10.5 Trillion Annually By 2025. Retrieved November 23rd, 2020 from https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/
Davenport, T. H. (2018). From analytics to artificial intelligence. Journal of Business Analytics , 1 (2), 73-80.
Help Net Security. (2020). The global cost of cybercrime per minute to reach $11.4 million by 2021.Retrieved November 23rd, 2020 from https://www.helpnetsecurity.com/2020/08/28/global-cost-of-cybercrime-per-minute/#:~:text=Share-,The%20global%20cost%20of%20cybercrime%20per%20minute%20to%20reach%20%2411.4,a%20100%25%20increase%20over%202015 .
Lu, J., Chen, W., Ma, Y., Ke, J., Li, Z., Zhang, F., & Maciejewski, R. (2017). Recent progress and trends in predictive visual analytics. Frontiers of Computer Science , 11 (2), 192-207.
Ongsulee, P., Chotchaung, V., Bamrungsi, E., & Rodcheewit, T. (2018, November). Big Data, Predictive Analytics and Machine Learning. In 2018 16th International Conference on ICT and Knowledge Engineering (ICT&KE) (pp. 1-6). IEEE.
Statista.(2020). Most common cyber-attacks experienced by companies in the United States in 2019. Retrieved November 23rd, 2020 from https://www.statista.com/statistics/293256/cyber-crime-attacks-experienced-by-us-companies/