The smarter way of dealing with cyberattacks

By Ong Kai Kiat August 7, 2017

Defenders have to embrace machine learning in their endpoint security
Cybersecurity experts need exciting work and a flexible working environment

The smarter way of dealing with cyberattacks

FROM the wannacry ransomware uproar, to the Bangladesh central bank heist and theft of national service records; cybersecurity breaches remind us of the importance of security hygiene.

Singapore is building a smart city which cannot exist if there is low confidence in the digital environment. Therefore, it is timely that the Singapore Government had introduced a new cybersecurity law which will force the disclosure of attacks over privacy concerns.

Digital News Asia spoke to McAfee Asia Pacific chief technology officer Ian Yip (pic) about the new proposed cybersecurity law.

“The new law is a good start but we need to get smarter in our cyber defences. Cyber attackers are getting more sophisticated and increasing the frequency of attacks especially on critical infrastructure. Both the law and defence will have to evolve over time to adapt to such changes,” says Yip.

According to Yip, cyber attackers are using automated cybersecurity attacks to test for vulnerabilities in systems. For defenders to be effective in their work, they have to embrace machine learning in their endpoint security. Machine learning-enabled systems can flag out routine attacks and make automatic decisions to block them.

Machine learning leads to higher productivity

451 Research notes that cybersecurity experts take 15 minutes to deal with a routine threat and this means that each expert can only deal with 30 threats in a day. With machine learning-enabled endpoint systems, human experts are freed from such work and can focus on more productive task such as formulating creative responses and uncovering the techniques of such attacks.

Yip notes that machine learning solutions typically cost more than the usual solutions but businesses should also consider non-tech costs. When you add cost in one area, you remove cost in another area. The smart way is to look at the overall cost when deciding on the right course of action. Yip declined to provide any figures and mentioned that cost depends on requirements.

A clear example of the benefits of technology-enabled productivity would be 3E Accounting which invested US$7,000 on robotics which improved productivity by 46%. According to TodayOnline, this increased the revenue per headcount from US$92,037 to US$135,076 in a year powered by the higher productivity.

Exciting work and flexibility good for retention

The smarter way of dealing with cyberattacks

It is also reported that such technology also improves work-life balance and flexibility in a family-friendly workplace. A recent survey found that 17% of cybersecurity experts would leave for a more flexible working environment.

Furthermore, 34% of them will leave for more challenging and exciting work. Cracking routine attacks can hardly be seen as exciting.

Machine learning curates previous attacks which would serve as a good database and toolkit for cyber security experts in their defences. This helps them to formulate creative strategies against attacks and uncover new patterns of attack which serves to increase their job satisfaction.

There is a recruitment and onboarding cost to any organisation when their cyber security experts leave. Retention is crucial when cyber security experts are in hot demand these days especially in the banking and finance sector according to recruitment specialist Robert Walters. If companies want to cut cost, it is better to search for affordable office spaces than to cut on security.

Bottomline: Work Smart

So what is the main takeaway from speaking to McAfee? It is to work smart. When attackers are using systems to send attacks automatically, defenders need to automatically detect and respond to them.

We are now in the era of smart living and smart drugs in a smart environment. As long as you keep your security patches up to date, the smart way of cyber security defence will be sent over to your endpoint security system.