Saturday, Apr 29, 2017
HomeColumnsThe Cybersecurity Immune System

The Cybersecurity Immune System

In the abstract, your body’s immune system is the mechanism that enables you to fend off infections and diseases. That system includes multiple components that work together to accomplish this task, including your skin and other barriers that keep diseases out of your body, the disease-fighting cells that circulate throughout your body via your bloodstream and lymph nodes, and the bone marrow and other organs that generate those cells.

In much the same vein, your computer network’s cybersecurity system is the mechanism that enables it to deflect hacking attacks and other unauthorized incursions into the network. The firewall acts like your body’s skin to provide a first defensive layer. Internal antivirus software disables computer viruses and malware, and your IT team generates new defenses against ever-evolving modes of cyberattacks.

Completing the Analogy – Cybersecurity Immune Systems

The UK cybersecurity company, Darktrace, patterned its novel cybersecurity system after the body’s immune system. Rather than creating specific code that recognizes known viral attacks on a network, Darktrace’s Enterprise Immune System uses artificial intelligence machine learning to teach itself the normal patterns of a network’s operations. The system then flags deviations from those patterns as potential cybersecurity threats. Thus, rather than creating a matrix of fixed rules that define what a cyberattack looks like, Darktrace’s system observes network activity and focuses its efforts on anything that is outside of the norm. This approach thwarts any attempt by a hacker to simply tweak a coding virus to make it unrecognizable to a fixed cybersecurity rule.

The Silicon Valley cybersecurity company, PatternEx, has adopted more of a hybrid approach that still relies on analogies to human immune systems, but that also includes a combination of supervised and unsupervised machine learning. Modern medicine has learned how to boost a human immune system with vaccinations and inoculations against influenza and other viral infections that can overwhelm even a robust immune system. Likewise, PatternEx’s approach relies on an IT team’s analysis of deviations that are flagged by the system, rather than simply disabling those threats with no outside interaction.

What Happens When the Immune System Fails?

Some human disease pathologies can debilitate an individual’s immune system. Others can defeat that system simply by throwing greater numbers of viral attacks against it. Consider, for example, how the human immunodeficiency virus (HIV) affects an individual. The HIV virus disables an individual’s disease-fighting white blood cells. With fewer of those cells to defend the individual, other infections can them enter and harm the body.

This is effectively what can happen to a computer network that is targeted by a distributed denial of service (DDoS) attack. In a typical DDoS attack, a server sees tens of thousands of network calls per second. This paralyzes the network and distracts the IT team that is charged with fending off the attack. With the network so paralyzed and distracted, a virus can more easily slip by any other defenses to do longer-lasting damage.

Keeping Your Network Healthy After a Breach

Individuals can get health insurance to pay the medical bills when their immune systems are not up to the full task of protecting them. Organizations get cyber liability insurance for the same purpose. What is liability insurance and what does it cover? In the event of a cyberattack, reputable providers like CyberPolicy offer coverage for data breach, cyber extortion and business interruption.

When a cyberattack does cripple a system, an organization will incur direct costs to recover lost data and to repair or replace damaged servers. The organization might also suffer third-party losses relating to customers whose data has been compromised as a result of the attack.

Individual health insurance can provide resources to pay expensive medical bills and can ultimately keep a person alive and out of bankruptcy. A good cyber liability insurance policy will similarly help an organization to pay the bills to recover from a cyberattack, and in many cases, it can provide the resources to keep that company in business.