Threat prevention is growing increasingly complex as a result of exploding data volumes, more entry points for cyber threats and increased rewards for attackers. Security teams of large organisations can expect to collect around 6TB of data per month from different monitoring tools. As society continues to increase its use of advancing technological devices, data collected likely to increase as are the number of false positive alerts security teams have to manage. Novice attackers can easily obtain AI-enabled ransomware on the deep web hence reducing the skill required to infiltrate networks. The introduction of regulations such as GDPR have exacerbated the rewards for attackers as security breaches can lead to steep financial penalties and reduced brand trust. Whilst data science approaches have been utilised to better detect threats, given the ever-changing landscape of security, data science is unlikely to be a silver bullet. During this session we will a look at some of the AI approaches adopted by security teams and attackers to, respectively, secure and infiltrate organisations.

Presented by Darshna Shah at SQLBits XX