March 2019

www.smartmachinesandfactories.com March 2019 | 27 | | STRATEGIES | organisation’s cyber security, rather than just support it. An example of this would be data deception. Data deception Cyber security specialists have long used deceptive tools to manipulate attackers that are trying to breach a system. For example, by creating false servers containing incorrect data, IT workers can trick hackers into perusing these assets and revealing their tactics. This method, sometimes referred to as the honey pot technique, is often used by security firms to gather intelligence on new hacking techniques. To be effective, honey pot techniques must be implemented on a grand scale. The real network will be littered with many small pieces of information to entice hackers. This includes seemingly valuable, but fake information such as customer details, login credentials and intellectual property. However, rather than leading hackers to data they can ransom or sell, this instigates a confusing process that directs the hacker away from any real, valuable data. Having only one honeypot is not nearly as effective or powerful as a system with several honeypots. While the configuration of a honeypot can be relatively straightforward, usually one simple algorithm, continually monitoring this maze of deception can be a longwinded process for IT workers, making manual data deception impractical. Data deception technologies are beginning to take this responsibility away from workers. Automated products will routinely devise methods of deceiving hackers, using machine learning techniques to change and adapt over time. Machine learning is a branch of artificial intelligence that enables technology to learn and develop through experience, reducing the need for manual programming. For example, if a system had previously experienced a specific type of cyber threat, it would develop methodologies to deal with similar attacks more efficiently in the future. It’s widely believed that machine learning tools could enable systems to spot and stop the next WannaCry attack, for instance, much faster than legacy tools. Reducing the need for human intervention means that IT workers can dedicate more time to strengthening their own security efforts. That said, these tools cannot completely replace humans. Instead, this technology should be used to automate the longwinded and repetitive tasks that are currently filling the workflows of IT teams, such as testing, basis threat analysis and data deception tactics. There is a severe shortage of advanced cyber security skills in today’s IT talent pool and automation will not completely bridge this gap. However, embracing this technology will provide greater opportunities to develop the skills of the existing IT workforce. Which is, at least, a step in the right direction.