Using Machine Learning to Simplify Endpoint Security
Could it be the key to reducing Cyber as well as Natural Disasters?
Mother Nature continues to flex her muscles with extreme weather events around the world, whether it is the threat of wildfires in the Amazon, California and Sydney or the floods in northern England and Venice. These events are worrying, but they are timely reminders of why researchers are working on how to use machine learning (ML) as a disaster preparedness and response tool. Because machines can quickly analyse massive amounts of data from numerous sources, the goal is to use that information to help community leaders and emergency response teams make more informed decisions.
Like natural disaster preparedness and response, ML also has important implications for endpoint security and the disaster that could originate on an endpoint while under cyberattack. ML is key to improved security by way of a direct pull-through from IT asset management.
An IT Asset Management Job with a Security Outcome
Within the context of IT asset management, organisations are busier than ever trying to manage the growing number of endpoint devices, applications and data. IT complexity has reached all-time highs. ML has been a very valuable tool for managing that complexity and, while doing so, can also make direct contributions to better security and more resilient endpoints. With the power of ML, you’re not only gaining improved visibility into your assets, you’re learning more about the actions and events happening there and finding patterns.
With patterns inevitably come outliers, and so often that’s where vulnerabilities hide. Being able to recognise outliers and remediate any resulting risk is how endpoints – and enterprises – become more resilient.
Keeping machines up to date is an IT management job, but it’s a security outcome. Knowing what devices should be on the network is an IT management problem, but it has a security outcome. And knowing what’s going on, what processes are running and what’s consuming network bandwidth is an IT management problem, but it’s a security outcome. We should see these not as distinct activities but as multiple facets of the same problem space.
The growing number of assets is a challenge, certainly. And as security becomes an increasingly critical risk, organisations have been layering on more and more security tools – ten or more agents on each endpoint, says our research. But increased security spend does not equate to improved security. That much is painfully clear. Instead, you’re left with a complex environment full of competing, fallible agents and, consequently, a false sense of security.
Visibility is key and ML can deliver a complete data set that then gives you invaluable insight on what is happening on your endpoints. This way, you can work to reduce complexity and improve endpoint resiliency.
Header image source: Jirsak/shutterstock.com