Like other cyber security firms, Finland’s F-Secure is building an artificial intelligence capability into its products and services, but says this is no replacement for cyber security professionals
A combination of humans and machines offers a “unique competitive advantage”, according to Jyrki Tulokas, executive vice-president at F-Secure, one of the largest cyber security firms in Europe.
“We protect customers not only through technology, but also by having the best people in the industry who understand the security landscape to assess customers’ IT security and the security of their products,” he said.
F-Secure believes that working with organisations to understand their particular security challenges enables the company to deliver better cyber security products and services.
“We believe that without having that continuous work with customers, it is impossible to build the most effective artificial intelligence and products,” said Tulokas.
The demand for cyber security, he said, continues to be driven by cyber attacks, but one of the biggest changes in recent years is the emergence of new regulations such as the European Union’s (EU’s) General Data Protection Regulation (GDPR).
“GDPR compliance is causing a lot of issues for some of our customers, but in addition there are nation states trying to influence the politics of other countries through cyber attacks and new security and compliance challenges are arising from organisations moving workloads to the cloud,” said Tulokas.
“Another driver across all of these trends is digitalisation, with just about every company trying to introduce digital services and connect their businesses somehow to the digital world. But this creates a lot of potential problems, such as keeping track of their data and ensuring that it is secure.”
These trends, he said, are increasing the need for organisations to have a better capability to detect cyber intrusions and to respond to them. “The GDPR alone requires organisations to be detect data breaches faster and to be able to respond in a timely manner,” he added.
Increased complexity calls for better automation
The increasing number of data sources for cyber security companies to consider when trying to identify potential problems means that there is a growing need for automation and better security orchestration.
“We have so much data today about what is a potential breach that it is not possible any more to do that with humans,” said Tulokas.
“While increasing complexity and the shortage of trained cyber security professionals is increasing the need for outsourcing. Organisations, especially in the mid-market, are seeing there is no way they can handle this security problem on their own because they don’t have the people or expertise.
“As a result of the cyber security megatrends, we see the need for detection and response, automation and better security orchestration, and outsourcing as the three main drivers of the business,” he said.
Alongside the continuing trend of ransomware attacks, Tulokas said file-less attacks or attacks that abuse legitimate administration tools are also on the rise, which means that behavioural analysis is key to detection.
“We need to understand what is good and what is normal in an organisation, but this cannot be done by looking at a single computer. We are looking for anomalies throughout the system, which is technically different to what we have had in the past, hence our move to artificial intelligence and machine learning.”
Exploitation of vulnerabilities in devices making up the internet of things(IoT) is another area where attackers are investing time and effort.
Like file-less attacks, Tulokas said tackling IoT exploitation attacks need a different approach because security tools cannot be installed on these devices.
One response to these trends by F-Secure, he said, is the company’s Rapid Detection Service, which is designed to provide a way to understand if an organisation has been attacked and how attackers are trying to move around.