“The Chinese economy is already weak, and sanctions would only hurt it more, which would directly affect the U.S. economy and jobs,” Munroe said.
That leaves American companies essentially on their own to defend themselves, which has been the case since the beginning of the “great brain robbery.”
But security experts say defensive tools are improving, in part thanks to broad awareness that perimeter defenses are not nearly enough, and also because of the growing technological capacity to collect and analyze data.
“There is a growing shift in the industry away from signature-based technologies, as they are not enough to detect and prevent today’s sophisticated adversaries,” Alperovitch told CSO.
“Traditional detection technologies look for known sequences in files, and block those known to be associated with malware. The issue is that the signature for a given malware element can be quickly and easily changed – far more quickly than anti-virus vendors can adapt to the changes,” he said.
“This is why the combination of machine learning and behavioral-based detection and prevention is much more effective.”
But Ariel Silverstone, a consulting chief security and privacy officer, told CSO in December that he believes ML is “severely, significantly under-hyped.” Not only can it detect intrusions, he said, it can predict them, to the point where it is possible to ask the machine, “Will I be attacked next Tuesday from China at 3 p.m.?” and get an answer that has a better than 99 percent chance of being accurate.
Jason Tan, CEO and cofounder of Sift Science, agreed. “One of the key benefits to machine learning is its versatility and adaptiveness,” he said, “allowing organizations to harness vast amounts of data to predict all types of fraudulent behavior – including IP theft.”
Andrew Gardner, senior technical director, machine learning, at Symantec, is even more bullish. He said the major breaches of the past several years – Target, Home Depot, Sony, J.P. Morgan and others – “could soon be a thing of the past if security solutions gain predictive capabilities that empower the CISO.”
He said deep learning has helped his firm become three times more accurate in spotting zero days, “because we’re able to identify oddities sooner by connecting the dots between behavioral and contextual signals that could signal an attack is likely.”
Alperovitch cites similar experiences. He said machine learning has made it possible to collect “massive amounts of threat intelligence” through crowdsourcing, and then analyze it for what he called Indicators of Attack.