
Article | 08 Jun 2021

Emerging Technology Solutions for Cyber Defense

The use of emerging technology can help augment a firm’s cybersecurity program

An emerging technology is a technology with a level of novelty, having certain coherence over time, and that could cause profound positive impact on business or society. Some notable emerging technologies include machine learning, blockchain, behavioral biometrics, biometric authentication technologies, data analytics, and emerging cloud services. Emerging technologies provide an enhanced ability to predict and analyze threats, identify and prevent threats to a large surface area such as a customer base, and detect and stop cyberattacks all at a speed and scale that would not have been possible without the use of these newer technologies. The biggest drivers for adoption of these emerging tech solutions are large volumes of data, an increase in computer processing power, and the need to adapt and counter ever-evolving cyber threats.

With the extreme growth in volumes of data and increased capacity to store large amounts of data, the next logical step is to analyze the data to further an organization’s goals, including cyber defense capabilities.

Machine Learning

A machine learning system can automatically learn when exposed to new data and draw inferences without humans having to reprogram the system. It is a technology transforming how key decisions in areas such as trading, autonomous vehicles, and medical research are being made or will be made in the future. Machine learning enables analysis of large amounts of data, and the ability to recognize and label unknown patterns. Microsoft uses machine learning in its Windows Defender program as it “allows Microsoft 365 to scale next-gen protection capabilities and enhance cloud-based, real-time blocking of new and unknown threats.”

Deep learning techniques within the machine learning domain mine the vast quantity of data to identify threats and anomalous activities, which could provide real-time indicators of compromise or malicious activity.

Natural Language Processing

Natural Language Processing (NLP) reads and understands the context of a given text. The ability to read and understand text provides the capability to detect and analyze threats which, when combined with other tools, leads to the execution of an appropriate response strategy. Cisco has built an ‘NLPRank’ system, which is based on NLP techniques. When combined with OpenDNS data, it provides the ability to detect malicious domains in real time, such as a website that appears to be an official banking institution’s landing page but is actually a duplicate designed to capture the username and password a customer types in. NLP techniques could power large-scale vulnerability detection systems to efficiently identify vulnerabilities that could be very hard to detect using existing tools.
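As an added illustration (not part of the original article and not Cisco's NLPRank algorithm), the sketch below shows a much simpler stand-in for the idea of flagging bank lookalike domains in DNS data: it splits each observed name into tokens and compares them with a protected brand by edit distance. The brand `examplebank`, its domain, and the observed names are constructed sample values.

```python
import re

# Constructed sample data: one protected brand and its legitimate registered domain.
BRANDS = {"examplebank": {"examplebank.example"}}
# Digit-for-letter swaps commonly used in lookalike names.
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def registered_domain(fqdn):
    """Naive last-two-labels split; production code should use the Public Suffix List."""
    return ".".join(fqdn.split(".")[-2:])

def classify(fqdn, max_distance=2):
    """Return (verdict, brand) for one observed DNS name."""
    fqdn = fqdn.lower().rstrip(".")
    tokens = [t.translate(SWAPS) for t in re.split(r"[.\-_]", fqdn) if t]
    for brand, legit in BRANDS.items():
        if registered_domain(fqdn) in legit:
            return ("legitimate", brand)
        # The brand, or a near miss, appearing in a name the brand does not own.
        if any(edit_distance(tok, brand) <= max_distance for tok in tokens):
            return ("lookalike", brand)
    return ("unrelated", None)

def triage(names):
    """Keep only the names an analyst should review."""
    return [n for n in names if classify(n)[0] == "lookalike"]

if __name__ == "__main__":
    observed = [  # constructed DNS query names
        "login.examplebank.example",
        "examplebank.example.secure-login.test",
        "examp1ebank.test",
        "exarnplebank-login.test",
        "weather.test",
    ]
    for name in observed:
        print(name, classify(name))
```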

Biometric Technologies

Identification, authentication, and authorization of resources are critical components of cyber defense. Biometrics use unique physical characteristics of human beings, such as iris patterns, fingerprints, voice, and face, for identification and authentication. The ability to personalize authentication and use human features that are currently difficult to fraudulently replicate provides an enhanced authentication capability. Behavioral biometrics is a technology that identifies people by how they do what they do, instead of what they are (e.g. fingerprint), what they know (e.g. password), or what they have (e.g. token). Behavioral biometrics captures behavioral (e.g. mouse movements), cognitive, and physiological parameters to create a unique user profile within online and mobile applications. This technology is being used to detect fraud and malware in real time.

Distributed Ledger Technology

Distributed ledger technology, primarily blockchain, provides a distributed network and potentially a solution to one of the fundamental challenges of technology solutions: trust. Blockchain technology is currently being explored for potential use in preventing fraud and data theft. Blockchain could be used to prevent distributed denial-of-service attacks, commonly referred to as DDoS attacks, which is when a website crashes due to the number of requests to access the site being received all at one time. Other uses of blockchain to enable cybersecurity are under exploration. For example, blockchain provides a fully decentralized option for the Domain Name System (DNS). DNS is used to translate the name of a website into an Internet Protocol (IP) address, which is needed to find the computer services the customer is requesting. Currently DNS is managed by a centralized authority. By using blockchain technology, there wouldn’t be a need for a centralized authority, as the technology would manage the mapping of domain names to IP addresses. Without a centralized authority to attack, it would be hard for a malicious actor to seize domain ownership, and the risk of root servers as a central point of failure would be largely mitigated.

The Human Element

Emerging technologies have significant potential for enhancing cyber defense capabilities. These technologies in all probability will not replace humans completely, but will augment human capability for enhanced output.

The successful application of emerging technology capabilities for cyber defense requires a robust, adaptable governance and risk mitigation strategy. The strategy should include roles and responsibilities, an accounting of emerging technology products, testing and security, enhanced monitoring and anomaly detection, a knowledge sharing platform, and continuous risk identification and mitigation plans.


This article is an excerpt from Managing Cyber Risk with Human Intelligence, a report from Citi GPS.
