Colleges Turn to AI for Cybersecurity Defense
The big business of hacking requires a sophisticated response from higher education IT.
Cybercriminals aren’t hobbyists: Cybercrime is a business that uses sophisticated technology, including artificial intelligence, to automate profit-making. It’s a big business, too. Bad actors rake in about $1.5 trillion a year, according to a study from the U.K.’s University of Surrey earlier this year.
But there is some good news. Colleges can avoid becoming targets by raising the cost and complexity for hackers, reducing their return on investment.
“While there are AI tools that cybercriminals can use, there’s a cost to that in connectivity, storage and power,” says Michael Suby, vice president of research at Stratecast. “Either they have to find a way to steal that and not be detected, or they have to pay.”
Institutions can also fight fire with fire, using hackers’ tools against them. But while machine learning could help fix vulnerabilities and analyze user behavior to develop ideal security settings, for example, it’s also important to build security into systems from the start.
Here’s some more advice from the experts.
Practice Good Cybersecurity Hygiene
“The security for many enterprises is considerably worse than you’d think,” says Deian Stefan, who’s also a professor at UCSD’s engineering school and an HDSI adviser.
That means every institution likely has room to tighten its environments, resources, storage, networking and monitoring. “Make sure to fence your applications and your resources to be sure they’re only being used for proper activity,” Suby says. That will prevent resource leakage and make sure that attackers don’t have greater capabilities than legitimate users.
Monitor Usage of Cloud Platforms on Campus
In addition to the many commercial tools that monitor server and network usage, cloud platforms offer monitoring capabilities that can reduce the risk of malicious use of resources. In addition enterprise-level implementation, IT staff can work to raise awareness of these capabilities among staff and students who choose their own cloud-based productivity tools.
Use a Secure Runtime Monitor
Be sure to choose a secure solution that lets you specify security policies. “Even if you get compromised, the runtime monitor ensures that the attacker can’t reach your data,” Stefan says.
Eventually, machine learning will perform tasks such as evaluating user-application interactions to set session durations accordingly, limiting the window of opportunity for cybercriminals, Suby says. And, as the IT community becomes more aware of resources and gets better at monitoring them, it will be harder for criminals to steal them.