Hybrid AI in the Future of Work

/in , , , , /by
Hybrid AI in the Future of Work - ITOps Guest Post
This article was originally posted on ITOps Times

Due to ongoing improvements in artificial intelligence and machine learning technologies, we are on the cusp of an entirely new era in automation. Not only are software robots adept at performing routine, repetitive tasks on behalf of humans, but they are now capable of carrying out activities that rely on cognitive abilities, such as those requiring the use of judgment and emotion. One only needs to look at the cars we drive to recognize just how far automation technology has come.

Does this mean that there will be no place for humans in the future? The answer – at least for the foreseeable future – is a resounding no. That’s because, despite the growing list of benefits, there are also a number of drawbacks to having a system that is entirely autonomous. That’s where hybrid AI comes into play.

The concept behind hybrid AI is remarkably simple, even if the actual technologies and strategies driving it are incredibly complex. In basic terms, a hybrid model integrates humans throughout the automation process, but uses advanced technologies like deep learning and natural language processing to make automation systems even smarter.

AI needs humans
Beyond the hype, the truth is that artificial intelligence technology is simply not yet ready to replace humans – particularly when it comes to mission-critical applications. Take, for example, Tesla’s autopilot feature. While the vehicle itself is equipped with the capability to drive on its own, the driver behind the wheel is still required to remain alert and attentive to ensure his or her safety. In other words, AI is capable of running unassisted, but when it comes to mission-critical functions, it still needs humans, not only to train it, but to make sure everything stays on track.

The truth is, when artificial intelligence gets things right, everything is peachy. But when it doesn’t, the outcome can be disastrous – especially for larger organizations. And while modern AI may have some impressive cognitive capabilities, at the end of the day, it’s still just as its name indicates: artificial. Keeping humans in the mix ensures that the nuances of communication are present and that the output is accurate and relevant.

Humans need AI
On the other side of the coin, humans can benefit tremendously from artificial intelligence technology. And with 37% of organizations having already implemented AI to some degree, it’s clear that people and machines working side by side is becoming the norm rather than the exception. The reason being, artificial intelligence is like a force multiplier for human workers.

For example, data mining can be handled far faster and in much more massive volumes than any human being is capable of. Using AI, organizations can more effectively turn data into insights that can then be used to assist in human decision-making. This thereby drives innovation and competitive advantage.

Bringing it all together
As we progress toward a more automated future, a hybrid approach to integrating AI can help organizations figure out how to get from point A to point B with as little business disruption as possible. One way executives are handling the shift is to create automation centers of excellence (COE) that are dedicated to proliferating automation throughout the organization. Taking a structured approach like this helps to reduce confusion and limit friction.

Members of the COE are responsible for planning, ongoing testing and continuous oversight of the enterprise automation strategy. Typically, this group is made up of individuals who possess a mix of critical IT and business skills, such as developers, operations specialists and business analysts. Additionally, an entirely new role of automation engineer is being created to support the COE.

CIOs may choose to create their COEs with existing employees who are reskilled or newly hired team members. Regardless, COEs represent a strategic approach that is designed to drive adoption across the enterprise while delivering key results in support of company goals.

Ultimately, choosing a hybrid approach that includes a combination of humans and artificial intelligence, is simply the logical evolution of any disruptive technology. It safeguards against the risks of early-stage gaps and helps organizations get the most out of new solutions every step of the way. Done right, technology enables humans to focus on mission-critical applications while using AI to streamline operations and identify the best opportunities and strategies for ongoing organizational success.

AI is not an either/or proposition. It’s up to each organization to determine the right mix of humans and technology that makes sense. As new capabilities and options emerge, that mix will inevitably evolve. And the IT leaders that fully embrace their increasingly strategic value will know how to create the balance that will continually optimize and elevate staff, technology and the entire future of work.

This article was originally posted as a guest piece on ITOps Times. Click here to redirect to the official publication.

C-Suite Priorities: Protecting against ransomware with cyber security incident response

/in , , /by

C-Suite Priorities: Protecting against ransomware with cyber security incident response

This article was originally published as a guest post on the Cyber Security Buzz blog.

Security executives are under increasing pressure to keep sensitive networks, systems and data safe from threats which are rapidly increasing in both frequency as well as complexity. It’s no surprise, then, that CSOs and CISOs often find themselves in the hot seat when it comes to the topic of cyber security. Their roles are changing along with the new daily challenges they face, and as such, they are working tirelessly to remain abreast of the latest cyber-threat news.

In particular, with ransomware steadily on the rise and cyber criminals developing new and improved ways to expose and exploit vulnerabilities, IT leaders have no choice but to re-examine their cyber security strategies to ensure that they are strong enough to withstand the variety of incoming threats they face. By investing in an incident response plan as the first line of defense, executives can provide the added protection of instant identification and isolation of the threat before it has a chance to wreak havoc.

The fact is, as the landscape of cyber threats continues to evolve and expand, it’s becoming abundantly clear that traditional preventative approaches to network and data security are no longer effective. In fact, even Gartner believes that detection and response are the foundation of a successful cyber security strategy. No organization is immune to potential attack and without the ability to quickly pinpoint and remediate a successful breach, the outcome could be nothing short of devastating, both from a financial as well as a reputational standpoint.

Compounding the problem is the increasingly widespread adoption of cloud technology and the IoT. Simply put, migration to the cloud fundamentally changes IT security. In a cloud or hybrid environment, the focus must shift to monitoring and managing incident response. Likewise, with more and more connected devices being incorporated into the workplace, the risk of potentially becoming a victim of a ransomware attack increases exponentially. Now, instead of a few vulnerabilities, the office becomes a potential gold mine for hackers, which means much more work for security professionals.

What’s the solution? While preventative measures, such as firewalls and malware monitors have their place, the best defense an organization can take against security breaches is a more robust incident response strategy that covers all bases. Specifically, a system that integrates with, enhances and extends the capabilities of existing systems and applications to create a more holistic, streamlined and highly-effective process.

A strong cyber security incident response strategy should be able to not only detect the signs of ransomware, but automatically analyze, isolate and contain the threat so that it cannot cause any additional damage. The isolated virus can then be eradicated and the recovery process can automatically begin, effectively mitigating damages. This type of approach essentially closes the loop, creating a much more impervious defense against cyber-attacks, regardless of when, where and how many points of entry exist. Best of all, this can be handled entirely without the need for human input, solving the staffing shortage and addressing skills gap in one fell swoop.

With the worldwide expenditure on enhancing detection and response capabilities expected to be a key priority for security buyers through 2020, the time for security executives to begin shifting their focus is now. By investing in a robust, automated cyber security incident response plan as the first line of defense, executives can provide their organizations the added level of protection they need to effectively thwart would-be attackers and manage threats in a way that will limit damages as much as possible.

To read the original published article, please click here.

How to Get Critical Systems Back Online in Minutes

Guest Post: How to Effectively Isolate Malicious Files Before They Spread

/in , , /by

Virtually every organization deals with a firehose of potential malware on a daily basis. Infosec teams are often overwhelmed with arduous digital forensics and incident response (DFIR) processes dealing with the flood. Typically these DFIR processes involve manual, repetitive checks. Sound familiar?

Chances are your organization, like many others today, struggles to stay ahead in the fight against malware. Evasion techniques employed by sophisticated zero-day malware, manual processes, which increase the workload of security teams and open the door to human error, and the lack of automated orchestration tools to deal with malware attacks are just a few of the many challenges that most organizations are faced with today.

Ayehu’s automation and orchestration platform combined with VMRay’s agentless malware detection and analysis engine enables security teams to mitigate the risk of potentially malicious files through fast automated threat analysis and detection.

How does it work?

Alerts from Security Information and Event Management (SIEM) platforms are usually the trigger for infosec teams to begin investigating potential attacks. Simple integrations with SIEM platforms like Splunk enable Ayehu to receive alerts of suspicious files in an organization’s network. Through an automated process Ayehu submits the suspicious file to VMRay Analyzer for further analysis.

The file is automatically vetted through VMRay’s built-in reputation engine, which has the ability to determine if a file is known malicious or known benign within milliseconds. The ability to deal with known threats so quickly using a fully automated process makes threat mitigation processes much more efficient and effective.

Ayehu VMray Connector

What if the reputation engine cannot classify the suspicious file as known good or known bad? How can I protect my organization from zero-day malware?

If the reputation engine returns an “Unknown” reputation score, the next step in the analysis process, is to automatically put the file through a detailed behavioral analysis.

The suspicious file is detonated in a customized virtual machine and is monitored for all system interactions. With this approach, it is almost impossible for the suspicious file to detect the analysis engine and evade analysis. The dynamic analysis engine then returns a VTI (VMRay Threat Identifier) score by considering several factors such as:

  • Filesystem, registry and network activity of the suspicious file
  • Process creation, code injection or driver installation performed by the suspicious file
  • Evasion techniques used by the suspicious file
  • System Persistence techniques used by the suspicious file
  • YARA rule matches

If a file is deemed malicious by VMRay Analyzer, Ayehu can automatically escalate it as a top priority by generating alerts to security teams. With specific playbooks, Ayehu has the ability to automatically quarantine a user’s device by:

  • Blocking IPs/Hashes
  • Disabling the User
  • Terminating Processes

Automated analysis eliminates the risk of allowing potentially malicious files into your environment while relieving your security team of manual, error-prone processes.

To learn more about how VMRay and Ayehu can effectively isolate malicious files before they spread, click here to launch your free trial of Ayehu or contact VMRay.

Read the Ayehu and VMRay solution brief

 

About the Author…
Rohan Viegas – VMRay, Product Manager
Rohan brings over 12 years of experience in product development and management roles to VMRay. In his role as Product Manager for Hewlett-Packard Enterprise, prior to VMRay, Rohan managed a portfolio of products including network management and security software.
At VMRay, Rohan’s responsibilities include product roadmap planning, project management, and technical collateral development.