This blog was written by an independent guest blogger.
Today’s world is a fast-paced one, and that reality means changing the approach to security. Traditional ways of securing networks or premises often involved responding to threats after they happened or preparing for the most likely attacks based on experience.
Now, an option called real-time security — or real-time adaptive security — allows people to use a different method.
Real-time setups monitor an entire network and collect details about traffic levels, connected devices, which parties try to access particular resources and when those attempts occur. They also learn what constitutes typical behavior, generating alerts when activity strays from the norm.
However, many people understandably wonder about the reliability of real-time security systems. How could they minimize the chances of the technology causing false alarms?
Real-time security could relieve team member burdens
Many companies lack enough personnel to deal with all potential security threats. There is also a higher likelihood of attacks going undetected for too long, giving hackers more time to cause severe and costly damage. However, many real-time systems have automated artificial intelligence (AI) features that categorize threats and suggest which ones to tackle first.
A 2019 IBM survey found that 76% of people who use cybersecurity automation in their organizations highly rated their ability to detect threats versus 53% of respondents who did not use automation as extensively. If a real-time security system successfully separates threats from harmless incidents, it could help overstretched teams better manage their time and prioritize their efforts.
However, a poorly trained or overly sensitive real-time system could bombard people with too much information, making it challenging to find genuine dangers. As of February 2020, 887 law enforcement agencies had signed agreements with Ring, which offers real-time footage from connected doorbells. Many could not directly connect arrests to the camera footage, though. Some also said the way Ring makes it easy for people to share clips led to problems where residents asked the police to handle trivial issues, like raccoons in their yards.
Real-time information — whether collected to improve physical or cybersecurity — can become reliable and valuable. However, the system must weed out irrelevant data.
Effective real-time security requires contextual analysis
The security sector is not the only industry to depend on real-time information. Health care providers rely on it to make faster, more personalized care choices for their patients. Research also showed that 92% of companies are increasing their investments in real-time analytics for financial decision-making.
Successfully relying on real-time data requires looking at the information in context. Some people become fixated on single data points, failing to see the full picture. That could become problematic when someone tries to access a network’s resource. For example, what if a worker based in the United States provides the correct login information but does so from a German IP address? The lack of location consistency may be a clue to an attack attempt.
Adaptive authentication solutions are becoming more widely utilized in the security industry. They use machine learning and compiled data about a user to calculate a risk score for every interaction. Those tools can eventually differentiate between trusted users and devices versus those that may pose dangers.
Artificial intelligence is not infallible
Real-time security systems usually have AI elements that help them process information. Despite the tremendous advances in AI technology, it is not perfect. For example, researchers found that graffiti or stickers could cause automobiles’ machine learning-powered computer vision systems to misclassify stop signs as speed limit indicators.
People are also concerned about hackers' potential to exploit AI systems and make them ignore signs of threats or see dangerous events as harmless. Some analysts believe law enforcement, civil society, and the military are attractive and vulnerable targets, especially since AI-based attacks are not easy to remedy. They generally focus on inherent limitations with the AI algorithms rather than bugs that a software update could fix.
Plus, hackers seek to wreak the most havoc possible, and they know that doing that requires updating their methods. In the same way that many company leaders have modernized their cybersecurity approaches with AI and similar high-tech options, cybercriminals have adjusted their strategies to have the most severe impacts with their attempts.
Many cybersecurity researchers have demonstrated how easy it could be to make AI systems misbehave. Such shortcomings do not mean people should avoid using real-time security or other options containing AI. However, they remind them that they should not perceive artificial intelligence as hack-proof or otherwise assume it’s working perfectly. Companies that choose to use real-time security should also apply critical thinking rather than immediately trusting what the system says.
Not perfect, but worth consideration
Real-time security is not a magic fix for all an organization’s challenges. The amount of data captured and processed by a real-time adaptive system can, indeed, mean that teams learn about issues they would have otherwise missed. However, it’s also possible that a solution could draw inaccurate conclusions or flood people with data. If users take the time to view things in context, it’s easier to pinpoint the real threats.
People who are thinking about real-time security products have an ever-growing number of them to evaluate. They can boost their chances of making satisfying purchases by specifically looking for highly accurate options and having internal safeguards to keep hackers from tampering.