Heather Wright was in San Jose as a guest of NetEvents
AI, automation, security and the weaponisation of IT tools dominated the conversation at last week’s NetEvent’s conference in San Jose.
So what were some of the key takeaways?
AI: cybersecurity – hero or villain?
While AI is being hailed for its business benefits, NetEvents saw experts taking to the stage to debate its benefits in solving ‘the internet cybersecurity epidemic’.
Greg Martin, co-founder and CEO of Jask, which is using artificial intelligence in the security operations centre, said without the use of AI in security, we will continue to fall behind in the battle.
“We have a very large problem – there are not enough skilled cybersecurity workers and there are too many threats to deal with on a daily basis,” Martin said. “If we do not develop AI to start to accelerate identifying, automating and helping the analysts we do have to deal with this threats we are going to continually fall behind and have bigger, and more destructive breaches.
“There are just too many alerts and security tools and too few analysts,” added Slavik Markovich, Deisto CEO. “The only way of bridging that gap is trying to automate as much as possible.”
All agreed AI will have a role to play through detecting zero-day malware, protecting against rogue users and discerning the behaviour of intruders, while machine learning can help find anomalies in network traffic and log files, but also that the dream of AI solving the cybersecurity issue is still far from reality.
“The amount of resources required, the amount of storage, the amount of compute is just not there yet,” Markovich said.
“As long as there is going to be traditional security, there is a place for AI to try and make sense of the data that is overwhelming human beings,” said Kumid Kalia, Cylance chief information officer. “But for those who are moving in a different direction… AI is at the heart of the solution.”
“What AI will not be able to do is take humans out of the loop – not in our lifetime,” said Martin, who argued that AI will not surpass human intelligence any time soon, and human ‘intuition’ will continue to be a key aspect of security.
The panel also noted that cyber tools are being put together in new combinations and weaponised to use in attacks.
“When we say AI helps with detection you have to consider the other side too – hackers using the same AI tools to evade detection and find different ways to attack. I’ve seen people use evolutionary algorithms to evolve their malware and change it,” noted Markovich. “It’s a game of cat and mouse.”
Added Martin: “We need to be clear that we are in a full-on global cyber-weapons arms race,” noting that Wannacry was built from a NSA cyber weapon which was weaponised and used against public companies.
“This cyber weapon proliferation is the new norm and we are absolutely certain that government entities are using AI to develop new cyber-weapons,” said Martin.
IoT as the DX driver
While IoT has been hailed as the ‘ultimate’ driver of digital transformation, driving new business, improving customer experience, providing executives with data to analyse, as well as improving operational efficiencies and lower costs, IoT projects are slow to complete, slow to deliver on their promise and require more money and better infrastructure than most companies expect.
“I don’t know of an industry we service that isn’t investing and moving towards IoT… there is a significant amount of technology that is being applied in this real-time manner and driving significant performance gain,” said Jeff Baher, senior director of product and technical marketing for Dell EMC Networking and Service Provider Solutions. “It’s well past hype. It is real.”
Panellists highlighted technologies such as smart security, virtualisation, application-specific networks and robust cloud services to help enable effective IoT.
Security issues around IoT were also raised, with Russ Curriem, VP of enterprise strategy for Netscout flagging security as ‘a real challenge’ for some customers.
Baher noted a ‘natural tension’ when it comes to privacy and security as we become more connected citizens via IoT.
“Once the data is in the data centre, you have lots of techniques to really secure [it],” said Mansour Karam, founder and CEO of Apstra. “We help with automation and ensuring that the right security policies are in place. A lot of the security now is being pushed to the servers themselves, with things like micro-segmentation, rather than just having or counting on one firewall to keep everything out.”
In addition,some key ramifications of IoT for infrastructure was raised. Karam noted that with all the data needing to be processed, companies “just need to build out the infrastructures like never before. These infrastructure have to scale out. So one has to really change the equation… how do I change the scale of my infrastructures of orders of magnitude?”
“When you look at the network, there are two components of scale,” he continued. “One is capacity and we’re seeing the capacity of networks increase at an accelerated rate. But then on the operational side, having to babysit everyone of your devices is just not an option anymore. You really have to manage your infrastructures wholesale at the system level in order to get the type of efficiencies you need in order to have the ability to process your IoT data so that you remain competitive.”
Baher added that not everything should be stored. “We’re not collecting everything and storing everything if we don’t need to take action on what we collected and potentially stored. There are many things that we need to instrument, but we don’t need to store.”
Three companies to watch
Co-founded by David Cheriton, who founded Granite Systems which was acquired by Cisco in 1996 and Kealia which was acquired by Sun Microsystems in 2004, and went on to found and invest in companies including Google, VMware and Arista. Apstra is focused on intent based networking for the data centre.
Providing location for the internet of things, Polte took out the Netevents Hot Start-up IoT award. Polte is a cloud-base location solution for IoT, triangulating 4G and 5G signals.
An AI-powered autonomous security operations platform, Jask is looking to streamline security operations. The system ingests data from security systems along with network, user, device and application data, and adds an intelligence layer that visualises potential threats.