Richard Pain: What are the business implications of this new whitelisting technique?
Dr Oliver: I hope that more systems can be moved to a semi-lockdown environment. A complete lockdown is considered unwieldy now, so we’ve got to work on this and convince IT managers that a semi-lockdown environment is a safe environment. We believe that this is a suitable compromise, unless you are working somewhere like a nuclear power plant where you would be better off sticking to a whitelist. But for a business environment like a call centre, for example, a compromise between lockdown and non-whitelisted environments might be more suitable.
Machine learning is becoming very prevalent in cybersecurity because of its suitability for catching imperfections in granular samples. There is the chance that the technique may return some false positives, so steps must be taken to reduce this. But ultimately, adding machine learning to the whitelist will only make it stronger.
Richard Pain: How do you think machine learning will be used for cybersecurity over the next five years?
Dr Oliver: I expect that as machine learning solutions become more prevalent amongst the major vendors, you can expect cybercriminals to have less focus attacking traditional methods and more focus attacking machine learning. They're going to attack the methodology that is blocking their scripts. I also think you'll start to see cybercriminals adopting machine learning approaches for obfuscating and generating their content, so that it looks more believable to the filters.
The battle between the attackers and defenders will continue and taking a wide approach to cybersecurity will remain key. This includes tactics like minimising the permissions each user has, doing multiple backups, switching old data to read only, and providing continuous IT security awareness training. There’s no silver bullet here. However machine learning, particularly for whitelisting, is one of the new tools we are working on to complement these other techniques.
Sign up for CIO Asia eNewsletters.