Speed Kills Malware

We all know that speed kills, and behind the wheel we need to drive a little slower. But when it comes to Malware, time is of the essence: the faster we respond, the more effective we are.

As your IT infrastructure continues to evolve, embracing hybrid-cloud and extending the network edge through more devices being connected from more locations, the risk of a cyber attack has never been greater. At the same time, cybercriminals are getting even smarter with sophisticated Malware that persistently finds ways of breaching your defences.

According to IBM’s Security Cost of a Data Breach Report, the average time to detect and contain a data breach is 280 days, an alarming stat that we need to respond to. It is not just data breaches: according to DataProt, in 2022 a Ransomware attack happened every 11 seconds.

The challenge we have is how to significantly reduce the Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) to Malware. The faster we can respond, the more we are able to reduce the risk of damage being caused.

 

Is Deep Learning The Answer?

It is widely accepted that AI and ML are having a significant impact on improving the effectiveness of Malware protection tools. However, with all of the statistics showing an increase in successful breaches, is the technology advancing quickly enough to keep pace with the cybercriminals?

While machine learning has had a significant impact on cyber security, it has limitations. It needs to be taught by a domain expert, and it only knows what it is taught. In most cases, ML utilises around 2% of the data available, and in the case of cyber threats, this data is changing by the second.

Deep learning is an advanced form of AI that learns very much like the human brain, taking real-time feeds and utilising 100% of the data to continually refine and improve its decision making.

It makes non-linear correlations in the data automatically, and when specifically architected for cyber security, this means it can make far more accurate and quicker decisions.

 

Detecting The Known & Unknown

Traditional Endpoint Protection Platforms (EPP) and Endpoint Detection & Response (EDR) solutions rely heavily on attack signatures (the ability to spot known malware). The reality is that 80% of successful attacks are from previously unknown malware, and given that cyber-attacks are increasing at a staggering 77% according to EY, there is general acceptance that we are losing this battle.

Deep Learning takes a different approach: it analyses and learns from Malware, not relying solely on its signatures but inspecting its DNA to detect Malware which may never have been seen before.

The results are staggering: in independent tests of Deep Instinct, the leading solution utilising deep learning, over 99% of both known and unknown malware is detected, and what is more, it is detected in under 20 milliseconds.

The only way to reduce the risk of Malware is to move at speed. The ability to detect and block this level of malware before it has time to execute must surely take back the upper hand from cyber criminals and help organisations to add a layer of protection that significantly reduces risk.