SECaas – Security as a Service. Current risk on info security, data and financial value loss continually are growing fast. At the same time, this is getting identified, managed and mitigated as well. There are also many cyber attacks which are never been reported and some are still unknown to the companies. We will open the discussion on AI, Cybersecurity and Security as a Service role for today’s world. Before we go deeper into SecurityIntelligence or SECaaS lets under the terms used here. Please note all the discussion will focus on the FinTech domain because that’s what I do.
Emerging Technologies – AI, ML and DL
As per Sir Andrew NG – AI is the new electricity to power up any business of today with the ability to kill the business if ignored. Machine Learning and Deep learning are part of the AI domain as a subdomain.
- Artificial Intelligence – An umbrella that gives synthetic thinking approach to all technologies take shade under this umbrella. AI solve problems in a heuristic way with being explicit or meta-heuristic.
- Machine Learning –Machine Learning is a subset of artificial intelligence where computer algorithms are used to autonomously learn from data and information. Machine Learning is; where business and experience meet emerging technology and decides to work together.
- Deep Learning – Subset of Machine Learning. It is an algorithm which has no theoretical limitations of what it can learn; the more data you give and the more computational time you give, the better it is – Sir Geoffrey Hinton (Google).
Artificial intelligence is set to transform the financial services industry. How AI will be transforming the future of FinTech to elaborate items from the above list in African markets and opportunities are even more dramatic in just the past five years.
In modern and emerging markets “Software-Based Security” or info-security is the protection given to customer data, transaction, interworking of systems which also has the ability to do pattern checks, velocity checks, all sort of analytics and many other abilities. Few modes of Digital Payment
- Banking Cards (Credit, Debit, Stored value/prepaid) – Used with PoS machines, ATMs, Online.
- Instant Payments – authenticates the identity of the user like a debit card does use the phone as a tool instead of a separate card – Smartphone & bank account.
- Digital Wallets – a type of electronic card used for transactions made online through a computer or a smart-phone – Utility of e-wallet is the same as a credit or debit card-Make paperless money transaction easier.
- Banking transaction out of the bank at PoS with the help of Banking Correspondent.
- USSD – Unstructured Supplementary Service Data – Mobile banking for feature phones. Security around USSD
- AirInterface Security – between the handset and nearest tower – UnSecure
- Core Network Security – between tower and USSDGW – UnSecure
- But both can be encrypted and the reason it’s not done because of the payload it puts on the network which has no business cases. Unfortunately all USSD messages in GSM network transfer as plain text. Having said all this; USSDGW is still far better because of the skill needed to hack. But after message reach to the server, this can be easily encrypted and hackable.
In FinTech domain info-security secures electronic transaction and enables interoperability between applications across diverse platforms and operating systems. Authenticating cardholders and merchants, ensuring confidentiality of information & payment data, defining protocols and electronic security service providers are few areas where AI is outperforming.
AI and blockchain workloads that rely on hardware-based protection for improved info-security. As AI is already “a thing” in security and crime prevention in many parts of the world today. Hardware boosting on per-chip throughput is finding high priority and importance than just becoming a unit on scaling line.
Intel software guard extensions, or SGX, which is a set of CPU instruction codes that enable and execute the selected code and data in protected areas called enclaves. Artificial intelligence and machine learning technologies are applied and developed across this spectrum. The neural network model for detecting and predicting info-security issues needs large data ocean. Along with data it also needs faster processors, boosted chips, FPGAs, GPUs, and similar technology. AI-based hardware for info-security inference can support below segments of problems:
- Cyber Attacks and Software Errors/Failures
- Security & Crime Prevention
- Privacy Protection
- Differential Privacy:
- IoT Systems Security
- Analytics of Consumer Information
- Game Theory
Cyber Security getting strengthen based on machine-learning software explosion but at the same time so the hackers. Software developers, hardware and system designers are going back to school. Current challenges on computing power and storage requirement pushing service and product providers to go back and look at boosting per-chip throughput and not scaling out platforms over warehouses of boxes.
Digital wallet software on top of AI-based hardware − It secures cardholder’s online purchases via point and clicks interface. With the public key used to sign communication that has a key entity in a cryptographic system.
Artificial Intelligence – The Super Hero of CyberSecurity
CyberSecurity powered with Artificial Intelligence can boost transparency levels of Cyber playing field. The Appeal of AI for Cyber Security has extremely good reasons like automation of operational tasks, developing & delivering predictive capabilities, mitigating human biases behaviour and derive doable intelligence. On the downside, AI requires high volumes of high-quality data to learn. Data silos and varying formats can affect training.
Given dynamic cyber landscape use cases need to stand the test of time and context but most of the time it negates the value. AI in CyberSecurity has some questions as below.
- Will artificial intelligence take over cybersecurity?
- How the next level of Cybersecurity will become an AI-powered data-centric model?
- AI and Cybersecurity: Friends or Foes?
CyberSecurity with Artificial Intelligence will get smarter at the same time cyber crimes as well. What’s the next stage in cybersecurity?
- Maybe a simple An AI-powered, the data-centric model with huge processing power.
- Analytical trends/patterns model with any velocity of data to make quick decisions etc.
Data-centric models help to rid of noise and discard it for some other day use. Motivations and applications of AI in cybersecurity has a huge list so we not be able to cover all here. Begin your AI filled CyberSecurity journey now.
Security Intelligence – Security as a Service – SECaaS or SaaS
SECaaS – Another business model of today like MLaaS, AIaaS and BaaS etc; in this model service provider integrates their security services ecosystem into any business. In returns charge a monthly subscription fee. This method of info-security brings cost-effectiveness, transfer of ownership and speed to corporates. SECaaS also has a shorter time to value than traditional security offerings.
Threat Intelligence made threat hunting easy and predictable. In FinTech fraud hunting gets open and easy thus reduce frauds. Fraud hunting under FinTech works kind of next-generation antivirus solution powered with AI and machine learning. This service can work as “As a service” model to identify potential frauds under malware entering a system. Don’t get too excited about cyber intelligence or SECaaS as AI in cybersecurity works as a double-edged sword.
Adopting Security-as-a-Service also address the industry skills gap. AI and machine learning techniques especially predictive analytics can leverage anomaly detection to identify potential security threats. SECaaS service providers or domain specialised managed security services providers; do a much better job and help companies to fill the gap for their limited time and resources.
Threat Intelligence & SECaaS
The right SECaaS provider always helps to overcome vulnerabilities without spending a fortune and hiring super expensive resources. This gets possible with a brand new technique called Threat Intelligence. With this intelligence, it’s now possible to determine the difference between a bot and a human, and this intelligence allows the network to respond to the attack patterns without any form of interaction from the human interface.
Normally by the time the bad IP address gets blocked, the hackers would have already moved to another IP address. So the intelligence to determine the difference between a bot and a human is a serious breakthrough. SECaaS service providers also face few of the challenges as below
- The sense of data loss to the service seekers
- Regulatory compliance violation issues from the local environment
- DoS and DDoS attacks on service providers impacts service seekers
Most of SECaaS integrate their services service seekers existing infrastructure or deploy hybrid environments for use of a mix of cloud and on-premise resources.
Books + Other readings Referred
- Open Internet – NewsPortals, Economic development report papers
- Personal & professional working experience of @AILabPage members.
All credit and credits of contributions remain with original authors and I sincerely thanks for their contribution here. In this post, we have discussed the potential merger of AI and its bundle pack i.e. Machine Learning, data science and analytics. In the next post, we will pick up a specific use case to deliberate on.
Feedback & Further Question
Do you have any questions about CyberSecurity Intelligence where AI is an integral part of it? Leave a comment or ask your question in the comments section below or ask your question via email. Will try my best to answer it.
Conclusion – SECaaS model gets distorted as applications software, storage, and infrastructure runs remotely. Cybersecurity is NOT just an information technology department. People in the same department does not own the problem or responsibility in full. It is the job of every employee and even customers of the organisation. As per google search engine, identities are being stolen online every 3 seconds 24/7. So what are we doing, how can we protect it? GDPR makes it even more relevant. There are organizations which has suffered the cyber attacks, about to suffer and may have suffered but don’t know. To find better answers on this we need AI techniques to get over this. Understanding the relationship between AI or science that can imitate human beings and Cybersecurity that is an essential need for all is the key to success in business today.
============================ About the Author =======================
Read about Author at : About Me
Thank you all, for spending your time reading this post. Please share your opinion / comments / critics / agreements or disagreement. Remark for more details about posts, subjects and relevance please read the disclaimer.