My neighbor’s security alarm went off last week. Since I am on her contact list, I received a call from her home security company letting me know of a potential break-in. Fortunately, in this case it was not a burglary, but it got me to thinking about all the resources we have available to keep intruders out of the physical network.
The physical network also has alarm systems, like virus scanning software, that tell us if there is an infected device on our network, but typically these don’t tell us the location of the intrusion. There are perimeter firewalls for attacks that originate outside the network and, of course, physical security, neither of which can protect from patching errors and configuration mistakes. The answer to how best to secure your network is not an easy one. So much depends on the complexity of the network and the potential cost and impact of a major network outage or breach.
One of the key ways to prepare for a compromise is to have a security audit process along with applicable accurate documentation of the network. This is one of the areas of cybersecurity where automated infrastructure management (AIM) can play a significant role. With an AIM protected network, the documentation is up to date, electronic work orders are tracked, traced, and implemented without errors, unauthorized connections are detected and flagged in real time, and, in the event of a breach, AIM can immediately notify security of an unauthorized connectivity change and/or the location of the infected device.
Use of artificial intelligence (AI) and machine learning in many industries and disciplines are on the rise. Considering the future of cybersecurity, these trends tell us that use of AI and machine learning for both prevention and detection will become more wide spread. Using data and historical information to derive new and better approaches to cybersecurity just makes good sense. As an example, cloud-based facial recognition services could be used with AIM for security access control, as well as to validate that certain activities are only carried out by authorized personnel. Because of the vast amount of information related to processes and pattern of changes available from AIM systems, it stands to reason that the future will push us towards use of predictive analytics in network security. At that point adding AI and/or machine learning to the network’s physical “alarm system” repertoire will be an even more powerful barrier to help keep all the bad things out of your network.
Maybe one day AI will help my neighbor by detecting when an alarm is a false alarm. In the meantime, if you have an immediate need for a more robust, proactive “alarm” system for your network consider how an AIM system can help.