Jonathan Pope, CEO and co-founder at UK cyber security company, Corax, explains how AI in cyber security can predict and quantify the threat
AI in cyber security-What if you could predict the likelihood of a hacker breaching your organisation? And what if you could predict how this breach would impact your organisation? Would it make a difference if you knew a disruption to IT was caused by a third party vendor or if an outage would affect the IT of the company itself?
AI in cyber security can help predict when a breach will occur and a range of predicted loss costs and what makes up those costs.
This foretold knowledge is incredibly useful because it gives decision-makers “something to get their teeth into and compare cyber in a like-for-like way with other business risks,” explains Jonathan Pope, CEO and co-founder at Corax — the cyber risk modelling and prediction platform.
Turning (non-technical) heads
Traditionally, one of the main problems with cyber security surrounds understanding, or a lack of. Those with non-technical backgrounds towards the top end of an organisation — typically, the CEO, CFO and the board of the business — have trouble comprehending the “technical security stuff ” and they need something that helps them understand it.
The emerging role of the CISO has gone some way to solve this. These individuals communicate the reality of an organisation’s security situation in a digestible manner to the key stakeholders.
But, what if the process could be automated?
AI in cyber security: predict and quantify
AI can provide faster and more accurate benchmarking predictions and expected loss costs of cyber events to an individual and groups within companies — in plain English. The technology is a key part of this quantification process.
For an AI solution to accurately predict and quantify the likelihood of a breach and how it will impact a business, it will have to understand what a company looks like it before it can start its calculations.
“We need to know what it does, how big it is (in terms of revenue and staff), what the type of data is it might hold and what technology and third parties it uses,” continues Pope.