Thorsten Kurpjuhn, European Market Development Manager, Zyxel
Whether you are a school, hotel or small business – your reliance on IT will have grown exponentially over the past few years. From staff needing to use PCs and laptops to carry out their day-to-day tasks and keep operations running, to guests, pupils and suppliers all needing their devices to access your network for various reasons. Not only has this put a strain on existing IT network set-ups but has seen the role and expectations of the network administrator change beyond all recognition, in a bid to keep everything running smoothly and securely.
There was a time when those in charge of the network knew where they stood and had the time and resource to deal with reliability and unexpected security issues – which were a less frequent occurrence. But in a world where technology underpins every activity and transaction, there is now a need to spin multiple, moving plates to ensure operational efficiency.
Managing hybrid cloud networks, reacting to the overwhelming amount of big data residing on the network, the growing number of connected mobile devices all wanting to access the WiFi, and the ever-increasing risk and prevalence of cyberthreats are now the order of the day, making network monitoring a very different beast.
Dealing with the unknown
By far the biggest challenge for network administrators is dealing with new and unknown threats facing the security of the network, which can seem uncontrollable. High profile incidents including the WannaCry epidemic in May 2017 demonstrate the sheer scale and lasting impact that cyberthreats can have on every business. Not only has this put the issue of ransomware high on the business worry list, but since the global incident there has been a 46% increase in new variants – making it even more difficult for those in charge of protecting the network to keep up.
But it’s not just high-profile threats that are proving a headache for network administrators. For example, the recent prevalence and rise in cryptocurrency use has also seen cybercriminals become more sophisticated in their attempts to attack and compromise businesses. Indeed in 2018, the Cyber Threat Alliance reported a 459% increase in the rate of illegal crypto-jacking, suggesting that businesses have yet to put effective measures in place to deal with the threat, or are simply unaware that the risks even exist.
These kind of zero day, unknown attacks are on the rise, with businesses often not realising they have been a victim until they find themselves on the end of a ransom demand, unable to access their company or customer data, and operations grinding to a halt.
As cyberthreats become more sophisticated and targeted, so should the solutions which help defend the network against threats. But as cloud-based platforms and applications become the new normal, the distributed nature of the environment can be hard to control and keep secure. Add the recently enforceable GDPR regulations to the mix and ensuring networks are water tight and company data and integrity protected has become all-consuming for the network administrator, in a bid to reduce reputational and financial impact on the business.
In the midst of these pressures and strain on the network, just how can a business continue to successfully manage and combat everything that is thrown at it? The trusted, traditional firewall can only do so much in keeping today’s external threats at bay. The only way to maintain control over evolving and unknown risks is to take a proactive approach and move from conventional firewall to a much cleverer form of defence. Enter artificial intelligence (AI).
From reactive to proactive
AI might sound like a futuristic, expensive and unproven concept, only adopted by innovative companies with big budgets. But its application within network security management is both viable and vital for companies of all shapes and sizes. In simple terms, the application of AI within a network firewall adds a layer of self-learning to the monitoring and management process. In effect it provides an extra pair of eyes and ears for the already over stretched network administrator. It gives them the tools to take a more efficient and effective approach based on real insight, rather than a purely reactive stance to threats, which could be based on outdated or static information.
AI can be used effectively within the IT network to apply self-learning to a number of scenarios, helping network administrators to deal with the demands on today’s and tomorrow network – ensuring no stone is left unturned. For example, many companies rely on and trust a conventional firewall to keep them protected and block anything that looks suspicious from entering or compromising the company network. This could range from malware and ransomware in the form of email attachments, through to stopping unknown devices connecting to the WiFi or website pop-ups from appearing.
However, with the nature of threats constantly evolving, adding a layer of machine intelligence into the process can provide the functionality to help networks stay better protected, rather than simply blocking suspicious-looking files or missing threats altogether. A firewall bolstered with a layer of AI, will be able to recognise a threat as unknown, put it into quarantine and analyse it, to help the systems effectively respond and defend against it, and future attacks. In doing this, the vulnerability window can be reduced when responding to zero day attacks. The system can learn and become better equipped at spotting true threats immediately, to help in the fight against targeted attacks.
From static to scalable
The make-up and demands on the network are constantly changing, so it makes sense for the management approach to evolve and scale, to deal with the threat of the unknown. An AI based firewall approach, which can adapt to circumstances and learn from vulnerabilities will be able to grow with the company. It can ensure that networks operate at optimum efficiency and that the network administrator can stay one step ahead and focus on maintaining operational excellence to support future business growth, rather than spending time and money on repairing damage caused by the latest malware to infect the network.
Far from dismissing AI, embracing the benefits of machine learning for network management is the next natural step for small businesses. With time and resources often scarce, it provides much needed additional support and takes action based on a position of knowledge which can only be gained through deep analysis and understanding of every threat that tries to enter the network. Standing still and trusting in your faithful firewall with only get you so far. Believing in AI will truly transform your business for the better and keep it secure from whatever is thrown at it.