According to predictions made by Gartner, “hyper automation” will be the number one strategic technology trend for 2020.
What is Hyper-Automation?
Hyper-automation relies on artificial intelligence (AI) and machine learning (ML) to automate processes that would otherwise be executed by humans. A hyper-automated system is one that can “discover, analyze, design, automate, measure, monitor and reassess.”
Hyper-automation doesn’t rely on a single technology, but a suite of advanced automation technologies that can be stitched together, with the help of AI and ML. While it may seem like just another industry buzzword, it places a much-needed emphasis on the importance of automation, as the growing cyber-security skills shortage continues to worsen.
According to a global survey carried out by ESG, 53% of respondents reported a problematic shortage of cyber security skills at their organization. To add insult to injury, cyber-attacks are becoming increasingly more frequent and sophisticated. In fact, cyber-criminals are even starting to use AI to carry out advanced social engineering attacks.
How Can Hyper-Automation Be Implemented?
Given that hyper automation is a brand-new concept to the world of data security, there’s currently little to no real-world examples or documentation about how it could be implemented. However, an obvious place to start would be to examine which automation technologies are available, and how interoperable they are.
Many platforms and applications expose an API (Application Programming Interface), which allow other applications to query and analyse their data. Given that AI and ML rely on large sets of data to “learn” patterns of behavior, any technologies that you decide to use should be able to leverage existing APIs, and even expose their own.
The Real-World Benefits of Hyper-Automation
Despite the lack of information about how hyper automation can be used to keep our data secure, there are some obvious use cases that are worth examining. The first relates to data discovery and classification.
Most organizations store large amounts of unstructured data, as in, data that is not stored in a relational database of some sort. Examples of unstructured data include images, videos, podcasts, word documents, etc. A lot of unstructured data is sensitive, yet organizations often struggle to locate and classify this data.
62% of companies don’t know where their most sensitive data resides, which is obviously something that needs to be addressed. Fortunately, there are a number of solutions available that can automatically discover and classify a wide range of data types, including names, addresses, Social Security numbers, birth dates, biometric data, and so on.
While these tools are unquestionably useful on their own, with the help of AI and ML, they can be even better. For example, an AI-powered data classification solution will not only be able to identify sensitive data in plain text, but will also be able to find sensitive data in images, videos, and other forms of media, and thus classify the data accordingly.
The Difference between Artificial Intelligence (AI) and Machine Learning (ML)
It should be noted that AI is not the same as ML, although ML is regarded as a subset of AI. Artificial intelligence is able to carry out complex processing tasks that would otherwise be done by humans, and typically relies on an external data source.
Machine learning, on the other hand, is used for learning patterns. For example, ML can be useful for prioritizing tasks. Image and speech recognition software can be very resource intensive. If the system finds more Personally Identifiable Information (PII) in images than audio-visual content, it can choose to prioritize the processing of images, without being instructed.
Some data protection solutions already use ML to learn patterns of user behavior. When a new user is registered with the system, it will monitor their behavior over a given period of time in order to establish a baseline pattern that can be tested against. After the user’s probationary period has ended, any behavior that deviates from this pattern will fire an alert, in real-time, to the administrator.
How to Use Hyper-Automation for Data Protection
Data protection solutions could be greatly improved by sharing information about potential threats. For example, most Data Security Platforms are able to detect and respond to events that match a pre-defined threshold condition.
One use case of “threshold alerting” is to prevent the spread of Ransomware. For example, if X numbers of files are encrypted within given time-frame, a custom script can be executed which can stop a specific process, disable a user account, adjust the firewall settings, or shut down the affected server. This is great, but it doesn’t actually prevent the attack from being initiated.
AI can be used to carry out a forensic analysis of the incident by studying the events that took place prior to the incident. The information gathered could be made available to other organizations using the same system, and through a process of natural selection, it could compare the most common patterns and pick the most likely cause of the incident. Now, the custom script could be executed based on the most likely events that took place prior to the previous attack, thus potentially preventing the attack from being initiated.
However, in order for the system to be able to truly learn, we would need to know if it worked, which would mean allowing the attack to unfold in a controlled environment, such as a sandbox. This is just one example of how hyper automation could be used to prevent a Ransomware attack; however, the same process could be used to identify a much wider range of attack vectors.
The reality is that we are still learning about what AI and ML can do when it comes to protecting our sensitive data, and so it may be some time before hyper-automated systems become widely adopted.
Not only that, but the use of AI and ML require a lot of resources, including memory and processing power. And let’s not forget, AI relies on large, accurate sets of data for it to be effective, which will take time to compile, or accumulate through other means.
Whichever way we look at it, hyper automation is an inevitable trend, as it will soon be the only way to keep up-to-speed with the rapidly evolving threat landscape, and to compensate for the shortage of IT security professionals.