AI, machine learning keys to real-time solutions for cyberattacks
Artificial intelligence and machine learning are expected to further facilitate real-time cyber protection and lead future growth of the cybersecurity industry, said Simon Green, president of Palo Alto Networks, Japan and Asia-Pacific.
To better visualize in a detailed manner, Green told China Daily that Palo Alto Networks sees about 39 billion cyber "events" every day from its clouds, which are whittled down to about 130 incidents that may pose cybersecurity risks, before around eight alerts are finally put in the hands of humans because they require deeper inspection.
"From 39 billion to a single digit number, that's what AI and ML mean to cybersecurity at work," he said, adding that AI and ML will significantly push forward what cybersecurity is all about — detecting and responding.
"With the help of about 1,250 AI- and ML-trained models, we are now able to detect cybersecurity threats within 10 seconds and respond within 60 seconds. That is a real-time solution that used to take days and weeks," he said.
In an era of fast-growing digitalization, regulators are also posing higher standards for rapid detection and response to cyberattacks.
In July, the US Securities and Exchange Commission, a US government agency that regulates the securities markets and protects investors, adopted new rules for cybersecurity risk management and incident disclosure, requiring public companies to disclose material cybersecurity incidents within four days of an attack.
However, 65 percent of cyber maturity companies worldwide demonstrated an average mean time to detect (MTTD) of six months or less last year, while 67 percent reported an average mean time to respond (MTTR) of 30 days or less, according to a recent cybersecurity report by global consulting firm Ernst & Young.
"Now, AI and ML can help take both MTTD and MTTR to under a minute. That's enormous amounts of efficiency and means attacks can really be stopped," Green said, adding that the company will further increase investment in relevant research and development and expand local presence.
"We spent over $1 billion last year in R&D, and we know that there are a lot of incredibly bright engineers and an enormous amount of PhD talent in China," he said. "We feel that this is a very good market and we are investing. For example, we are building a new office in Shanghai, whose construction has already started."
Palo Alto Networks is also seeking close partnerships with local software as a service companies and cloud service providers to boost cooperative growth, said Adrian Chan, vice-president of Palo Alto Networks, Greater China.
"We also hope to assist Chinese company's digitalization process when they go global, by ensuring their cybersecurity in a way that is compliant with overseas regulations," Chan said.
In terms of the future landscape, Green said in five to 10 years from now, the cybersecurity industry - which is highly fragmented today with around 3,000 players in total - will be highly consolidated at that time, and only very few players can help customers solve the most critical problems, and AI and ML will be essentially on how this gets done.
lijiaying@chinadaily.com.cn
