The cybersecurity tech industry may be a fast-growing one amid the need to keep pace with the exponential growth in cyberattacks and breaches, but its ultimate success in defending us against these threats will depend on closer co-operation between global firms and national governments, experts say.
“I think organisations know very well that they have huge responsibilities to their employees, to their customers, their clients, to the data that they’re holding, to the intellectual property, to safeguard this, and people are beginning to understand what happens if this all goes wrong.” said Jacky Fox, cyber and forensic lead with Deloitte.
“So I think the idea of sharing what you know about cybersecurity and intelligence with other similar organisations facing similar threats is not a hard sell. It’s happening naturally.”
Naturally, heads may be made to knock together by global estimates that put the cost of cybercrime at nearly €2 trillion by 2019. In addition, other driving forces include the new Network Information Security (NIS) EU directive and a set of EU-wide rules known as the General Data Protection Regulation (GDPR).
Firms classed as either essential service providers or digital service providers who fail to adhere to these rules face fines of up to €10 million or 2 per cent of their turnover under the NIS directive, rising to €20 million or 4 per cent of global turnover under the GDPR.
Organisations are realising that the GDPR rules in particular have real teeth, said Fox.
Last July the European Commission also launched a public-private partnership on cybersecurity that it hopes will generate €1.8 billion in investment in the area. It will invest €450 million in this partnership under its Horizon 2020 research and innovation programme, while major firms in this sector are expected to invest three times more.
However, getting that process of sharing information going is not always the easiest thing, says Chris Davey, cybersecurity lead for Accenture Ireland.
“When it comes to security there is a fascinating paradox in that nobody wants to admit they’ve had a problem, yet everyone stands to benefit by sharing this information on threat intelligence.”
“We do see information being shared, with a good level of trust, between similar organisations. For example, governments seem willing to share this type of intelligence, and similar organisations in different countries seem able to share threat intelligence.”
Fox adds that cybersecurity expert communities and groups here are very small and closely knit, and they also tend to be sector specific “so there just has to be a level of trust and confidentiality among the participants; it’s not going to work otherwise”.
A recent Deloitte report that surveyed mainly Irish senior executives in various industries, most notably the technology and financial services industry, and senior public servants found that Ireland had the potential to become a cybersecurity research cluster and attract strong FDI in this area.
Fox said there was a “huge opportunity in this space at the moment” thanks to the critical mass of global tech firms already based here.
“So based on that we have a huge base of technical knowledge and resources available to these companies, and as such it has perhaps been easier than for other countries to attract the major cybersecurity companies to come and set up here,” she said. “At this stage we have quite an interesting cohort of them already here, some of them attracting others.”
Chris Davey says that we are already making strong strides in this direction, reflected most recently by the announcement of a new $5 million R&D centre in Dublin by Russian cybersecurity firm Kaspersky Labs. There’s also a new government agency called the National Cyber Security Centre, while the International Cyber Threat Summit took place this month in Dublin.
“Brexit could potentially have a positive impact by way of creating high-skill jobs in Ireland as companies that would have set up in the UK consider Ireland instead to maintain the benefits of dealing with an EU member state,” said Mr Davey.
Artificial intelligence
Thanks to Hollywood depictions, artificial intelligence (AI) tends to be viewed as something sinister – not unlike the motives of those who engage in cyberattacks or terrorism. But AI technologies like neural networks, heuristics, data science and natural language processing are already playing a central role in the fight against cyber-related threats, according to Kelvin Garrahan, a senior manager in Deloitte’s risk advisory team.
“AI helps us to solve two particular problems, one problem is scale and the other problem is speed.
“Scale is about how can we keep pace with developments in the filed, how can we keep our knowledge current? Given the amount of information that’s being produced that’s a very very difficult task and, realistically, we can’t keep up.”
So keeping abreast of it requires some degree of automation.
This scale, in turn, impacts on speed.
“So if we have a breach we want to be able to detect it very quickly and respond to it quickly, and that’s proving to be quite daunting given that the scale of the systems that we’re looking at.
“So where cognitive systems help us is that they can automatically understand a large ream of information, they’re constantly learning and accessing all this data with regard to intelligence around cyber trends.”
Does this mean that eventually all cybersecurity will become automated? “Well, what we’ve seen in the last number of years is that we’re getting past that,” said Garrahan.
“We’re actually getting to the stage now where we’re looking for intelligent systems – called cyber AI – to detect a breach, respond to that breach with some mitigating control, as in block it, and then inform the humans to say: ‘here’s what happened, here’s what I did, is that correct?’ That’s the only way we can move fast enough to respond. It’s getting more mainstream now.”
However, there is still the strong possibility of AI technologies being used by criminals too, said Chris Davey of Accenture Ireland. “The history of cybersecurity shows that as each technology arrives, it will be used for both crime and prevention, so it’s possible that the arms race will continue with AI attacks as well as AI defence.”