Three ways automation will change cybersecurity forever

By Fortinet

Jonathan Nguyen-Duy, Vice President of Fortinet’s Global Field CISO Team, discusses.

Today’s cyber battlefield is a cutthroat place. Attackers hide in every corner, waiting for a right moment to pounce. One wrong move, and you’re out.

Security professionals are adopting emerging technologies such as artificial intelligence and automation to tough out this battlefield. But how will these technologies shape the future of cybersecurity?

Jonathan Nguyen-Duy, Vice President of Fortinet’s Global Field CISO Team, discusses three lasting impacts automation will have on cybersecurity.

1. Attackers are using it too

Automation is not just a tool for the good guys. It’s also being used to “accelerate the threat environment”, says Nguyen-Duy.

First, attackers are using the technology for threat research. It helps them identify new victims by scanning various sites and discovering which vulnerabilities and systems remain unpatched, he adds.

Automation is also used to generate new versions of malware, says Nguyen-Duy. The technology analyses “massive volumes of data about what's happening to other versions of malware in the wild, how they are being detected, and how they are being mitigated.” These insights are then used to automate the development of more potent strains of malware.
Lastly, automation helps hackers “propagate the attacks at a much broader level”, he says. The volume and complexity of attacks is set to increase as the technology advances.

2. Effective identification and patching of vulnerabilities

In 2019, the vast majority of data breaches were caused by the exploits of unpatched vulnerabilities, Nguyen-Duy says. But some organisations didn’t even know these vulnerabilities existed, he adds.

Automation can help to tackle this by enhancing visibility over an organisation’s environment, he says. It helps analysts understand what's in their ecosystem and what’s attempting to access it.

It also helps to execute security responses at scale when vulnerabilities are detected - saving tons of time and effort, says Nguyen-Duy. This is especially useful when thousands of autonomous vehicles need to be patched in the future.
But automation will not achieve its full potential operating in silo, he says. “If it's not integrated, automation will not really work well.”

Fortinet’s security fabric weaves together different security controls for a “broad, integrated, and automated response to security”, says Nguyen-Duy. It enables the solutions to share information on potential attacks instead of operating in silo.

3. Security analysts will take on a governance role

As automation takes over mundane and repetitive security tasks, analysts will shift from their current “operator” role to a “governance” one, says Nguyen-Duy.

Artificial intelligence and automation will deconstruct terabytes of data to find patterns of anomalous behaviour, he adds. It will then flag it to the analysts to decide the security response based on the business outcomes and user experience desired.

“Humans are going to make elevated decisions, while those mundane things where we triage what's happening will be done by machines,” he says.

As cybersecurity attacks continue to intensify, automation is a beacon of hope. It is set to alter the future of cybersecurity forever.