Cybersecurity as a discipline has been around as long as the internet has and involves the protection from digital attacks of systems, programs and networks. Much like an online military to ensure security, cybersecurity as a specialty safeguards systems, programs and networks from unauthorised access and change - be it in the form of deletion or alteration of sensitive information, extortion of funds or an interruption of ongoing business processes to name a few cyber threat use cases. This protection happens by overlapping multiple layers of protection to prevent threats to what is to be kept safe. These layers of protection can extend into three components namely
An amalgamation and a complementary overlap of all three components ensure seamless cybersecurity protocols against attacks.
The Evolution of Cybersecurity
Taking a closer look at the evolution of cybersecurity over the past three decades and the path that lies ahead could open up the doors to the trends to watch out for by 2030.
- Cybersecurity in its Teething Stages (late 1990s to 2010)
The earlier years of this stage marked the era when the internet just became accessible to the public who went on to put their private information online. Also, online predators decided to tap into their naivety to profit and a need for cybersecurity was anticipated. This marked the birth of cybersecurity as an established discipline. Firewalls and antivirus programs came to be, making their way into public use to offer protection against cyber threats. As time went on though, hackers just kept getting smarter. Hacking began to be identified as a serious offence with legal actions in place against prosecutors over this period of time. Being primarily a human-run security monitoring mechanism, there proved to be a host of vulnerabilities for opportunistic hackers to exploit.
These teething years marked the beginning of people and processes coming together to create a layer of protection against digital threat. It paved the way to a deeper understanding of cybersecurity as a formal discipline.
- Cybersecurity in the Current Scenario (2011 to 2020)
Jump through to the decade most of us have lived through - one of several data breach instances and insults to cybersecurity. Most large-scale firms boasting major online presences began hiring Chief Information Security Officers, analysts and junior executives to monitor, predict, assess and prevent threats to their digital frameworks. There was also a widespread cropping up of companies directed to offer solutions and mitigate risks associated with cyber threats setting a path ahead for innovation like never before. Exiting this decade with a pandemic forcing people to self-isolate and stay home did not help - an increased dependency on the digital world for personal and professional use was converted as an opportunity by crime perpetrators and actually blew up cyber-crime rates by a whopping 600%!
Until a while ago, though, the focus has remained on using technology in a way that was complementary to the traditional defence systems already in place. However, this decade saw the beginning of an infusion of automation technologies in the practice of cybersecurity, that can take matters into their own digital hands if need be. There is no doubt why this is anticipated to be the next big thing over the upcoming decade. However, fears persist on whether the role of man will be made redundant with this mainstream inclusion of automation. If that will actually be the case, only time can tell..
At present, Artificial Intelligence (AI) has the upper hand over humans in terms of the volumes of data that can be processed. Its incredible capacity for learning continuously and the ability to identify even threats previously unknown is an add on. Owing to this, AI has three main applications that play a part in improving cybersecurity. The first would be at a preventive stage where AI technologies can be employed to identify and assess risks or gaps in existing systems, companies or institutions existing IT infrastructure. Once identified, appropriate action can be taken promptly or once given direction by a human presence. The second application is the popularly seen use of biomimetic authentication over typing out user ids and passwords manually. This is widely in use across the digital world and it doesn’t look like it is going anywhere any time soon. The third application of AI in cybersecurity widely in use is the prediction of attack by assessing a pattern from the behaviours exhibited prior to previous attacks. This, to a large degree, helps minor and major block future cybersecurity threats and attacks and a sort of security immune system can be built.
- Cybersecurity in the Upcoming Decade (2021 to 2030)
As we stand at the helm of a whole new decade, it is apparent that the biggest change in the cybersecurity field over the next ten years is sure to come from Artificial Intelligence. AI has already proven its role in protecting systems from perimeter attacks and beyond, limiting the incidence of hacking.
This decade the priority in cybersecurity should be to overcome the shortfalls of Artificial Intelligence use in the field. A major example of this would be the incidence of Adversarial Artificial Intelligence which ends up working in favour of the attacker when the machine learning models misinterpret inputs and alter behaviours in their favour. While Adversarial Artificial Intelligence is just one instance, it is an indication of how the perpetrators of these cybercrimes are also catching up and how cyber threats are evolving with every passing day.
That being said, it’s safe to say that the future of cybersecurity lays in the hands of Artificial Intelligence technologies. That brings us to another major question on the minds of many.
So, can Artificial Intelligence replace Humans in Cybersecurity by 2030?
Human analysts possess intuition and creativity, both of which are unknown and alien concepts to AI. On the other hand, AI can comb through large volumes of data in a short period of time and can function without a break, unlike humans. Research has proven that in the case of security professionals, findings verified by a human analyst are preferred and gain 60% more confidence to those put forth by Artificial Intelligence.
One of the best examples of the coming together of humans and AI is AI-Squared. A collaborative brainchild of MIT and a start-up called PatternEx, it combines both intuitions possessed by an analyst with the abilities of AI to analyse large volumes of data scanning for abnormal activity. This happens in a machine learning process called unsupervised learning to spot anomalies after which abnormalities are reviewed by human analysts to differentiate between genuine users and hackers. The findings are then inputted for future perusal in a process of supervised learning.
To put it simply, an optimistic view of the years to come would be that by 2030, we will see a seamless alignment of the capabilities of humans and AI, with either entity making up for the shortcomings of the other.