How firms can use AI to fight advanced cyber attacks
From March to August this year, organisations in Singapore faced an alarming average of 1,775 cyber attacks*. This is higher than the worldwide average of 1,587, according to a report by Check Point Software Technologies, a leading cyber security platform provider of cloud-delivered solutions powered by artificial intelligence (AI).
Top targets, says the firm, were the government, and the finance and retail sectors, indicating that cyber threats are pervasive and persistent across critical industries.
About 90 per cent of the malicious files were delivered through the web.
Evidently, cyber security remains a pressing concern for companies, and as AI technologies mature, this challenge has only grown.
According to the Singapore Cyber Landscape 2023 report, malicious actors have been employing generative AI for deepfake scams to bypass biometric authentication. It also said that AI likely generated 13 per cent of phishing scams locally.
As threats increase in volume and sophistication with the growing capabilities of AI, organisations need a new generation of cyber security solutions to force-multiply their capabilities and gain visibility into potential threats facing them.
This does not simply mean tapping multiple security products – the sheer volume of alerts from different sources makes it almost impossible for information technology (IT) and security teams to investigate potential intrusions.
This fragmentation can leave critical gaps for attackers to get through.
The role of AI-powered solutions in enhancing cyber security
To address these challenges, a more integrated approach is essential. AI-powered solutions, like Check Point Infinity Platform, offer comprehensive, consolidated security coverage across data centres, networks, cloud, branch offices and remote users.
With a 99.8 per cent success rate in catching zero-day attacks, Check Point’s platform provides a unified interface that simplifies management while enhancing protection across the entire digital infrastructure.
This centralisation forms the backbone of a cohesive defence strategy, enabling organisations to quickly detect, resolve and prevent a wider spectrum of threats.
Quickly block off attacks with consolidated intelligence
AI and automation have not only made it easier for cyber criminals to strike, but also allow them to do so at any time, when victims least expect it.
Businesses need to be on guard 24/7 to stop attacks from infiltrating their network.
For this, Check Point’s ThreatCloud AI, part of the company’s Infinity Platform, combines cutting-edge AI technologies with extensive big data threat intelligence to quickly prevent the most advanced attacks.
Drawing on 30 years of accumulated data in one of the world’s largest data lakes, the software employs over 40 AI engines to process vast amounts of information daily. It analyses real-time data from 150,000 connected networks, millions of endpoint devices and various intelligence sources.
This tallies to about two billion websites and files, 73 million e-mails, 30 million file emulations, 20 million potential Internet of Things devices, two million malicious indicators, one and a half million mobile applications and one million online forms.
With Check Point’s coverage, companies benefit from enhanced protection. They can block four times more “zero-day” phishing attacks that exploit new vulnerabilities and five times more domain name system (DNS) attacks that target internet servers, compared with traditional, signature-based technologies.
In addition, an independent security benchmark report this year revealed that Check Point’s AI-based cyber security solutions successfully prevented 99.8 per cent of unknown malicious files, while other enterprise-level vendors’ solutions ranged between 55 per cent and 75 per cent.
With real-time centralised analysis of data and robust preventative capabilities, Check Point helps businesses protect themselves round the clock, even against unseen threats.
Reduce the spread of attack with immediate response
Today’s interconnected systems mean that an attack in one can easily spread to another within seconds. By the time cyber security specialists begin to investigate, the attack would have already caused widespread downtime and damage.
Automating this process using Check Point’s AI-powered Infinity Playblocks and Infinity XDR can help to reduce response time from hours to seconds.
When an attack is detected, Infinity Playblocks automatically triggers actions to contain the threat. It could isolate affected hosts such as a system or network. It could also kill a process by identifying the root cause of the threat and stopping the attack.
Infinity XDR, meanwhile, watches over all parts of a company’s digital setup – from office networks to employees’ computers and phones, and even cloud storage.
It connects the dots between different events, spotting potential threats that might otherwise go unnoticed. By analysing how the attacks happen and what they target, the software helps guide organisations during security investigations and prevent future risks.
With these tools, cyber security teams can quickly handle incidents and reduce manual errors. In turn, business systems remain operational 24/7, even as the organisation responds to a threat.
Resolve security loopholes with proactive prevention
The arrival of what is known as the fifth generation of cyber threats also means businesses need to continuously update security operations and keep them running to maintain their defences.
These sophisticated large-scale attacks use advanced “weapons-grade” attack tools to target businesses across multiple parts of their digital infrastructure. Without a unified approach, it is difficult to stop such attacks.
As such, businesses have to continuously perform a wide range of tasks, such as updating security controls and policies, to ensure there are no gaps in security. Manually carrying out these processes is not only time-consuming but could introduce errors as well.
Check Point’s Infinity AI Copilot, a generative AI chat function, helps speed up security operations by as much as 90 per cent.
Infinity Copilot “knows” a business’s policies, access rules, logs and product documentation.
A simple prompt in any language yields contextualised and complete answers – users can enter any security-related question, whether it is to troubleshoot complex issues or verify endpoint patch status.
By quickly finding solutions to important, urgent questions, teams can protect the integrity of their systems more effectively.
And time saved can be channelled to enhancing preventative security.
* Figures are accurate as of early August 2024. The Check Point Threat Intelligence Report presents data in six-month blocks. When released, each report covers the most recent six-month period for which complete data is available.