Sun. Oct 2nd, 2022
    en flag
    nl flag
    et flag
    fi flag
    fr flag
    de flag
    he flag
    ja flag
    lv flag
    pl flag
    pt flag
    es flag
    uk flag

    Content Assessment: Automating Incident Response? Considering Artificial Intelligence in Cyberspace

    Information - 92%
    Insight - 93%
    Relevance - 91%
    Objectivity - 94%
    Authority - 95%



    A short percentage-based assessment of the qualitative benefit of the research report from the NATO CCDCOE on the topic of incident response automation.

    Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from cyber, data, and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.

    To submit recommendations for consideration and inclusion in ComplexDiscovery’s cyber, data, and legal discovery-centric service, product, or research announcements, contact us today.

    Background Note: Shared for the non-commercial educational benefit of cybersecurity, information governance, and eDiscovery professionals, this recently published research report from the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) explores the use of artificial intelligence for incident response.

    Paper from CCDCOE*

    Automated/Autonomous Incident Response

    Vasileios Anastopoulos, PhD and Davide Giovannelli, LL. M.

    Report Introduction

    Artificial intelligence (AI) has existed for a long time in a way that seems to affect every aspect of our lives in a modern society, but it is only recently that its applications have been made known to the public. AI is already present in many fields including education, agriculture, health and medicine, manufacturing and transportation.

    Cyberspace as ‘a global domain within the information environment consisting of the interdependent network of information systems infrastructures including the Internet, telecommunications networks, computer systems, and embedded processors and controllers’, is omnipresent within everyday activities, but its use for malicious acts has also risen the need for cybersecurity, ‘the ability to protect or defend the use of cyberspace from cyberattacks’. AI applications are already present in cyberspace, used both by the attackers and the defenders. It could render cyber attacks more successful, leveraging, for example, its ability to replicate natural language and thus making phishing emails more successful, or developing autonomous cyber weapons that could attack and self-replicate. It could also help defenders in detecting anomalies and quickly addressing vulnerabilities and misconfiguration. Currently, there is a controversy about the impact of AI in cyberspace, with one study warning that it could drive to more aggressive and destabilizing engagements between nations, while another states that attackers will be less likely to employ AI due to its constraints, flaws and limitations unless they see unique benefits. What is clear, though, is that ‘while the discussion regarding autonomy in the physical world is largely about systems that are not quite yet in operation, in the cyber-world, autonomy is already a reality’.

    According to recent surveys, when an incident response is led by humans it is no longer possible to keep up with the speed, scale and sophistication of automated cyber attacks. The need for more sophisticated technologies is emerging with defenders turning their efforts to guarding against AI-powered attacks and by enabling AI defenses. Every day more and more security teams rely on AI to stop threats from escalating even at the early stages of a compromise. Organizations employing AI in cyber security report benefits from its application with increased return on investment (ROI) being one of them. The use of AI in incident response enables security teams to identify, investigate and remediate threats a lot faster, while the effort required is also reduced. Reacting in a timely manner is crucial for cyber defense and reducing the human effort required to respond to security events, facilitates the security teams to focus on the cybersecurity aspects they wish to.

    Commercial products have already integrated AI technologies to fight against cyber attacks such as spam mail, ransomware and malware. Vendors continue to integrate AI features into their products while new solutions based on AI are on the rise, such as autonomous response to thwart attacks in progress, automation of the investigations process, protection against phishing attacks, endpoint protection and more.

    Read the original post.

    Complete Report: Automated/Autonomous Incident Response (PDF) – Mouseover to Scroll

    Automated:Autonomous Incident Response - CCDCOE

    Read the original paper.

    NATO Cooperative Cyber Defence Center of Excellence – Cyber Defence Library

    Additional Reading

    Source: ComplexDiscovery


    Have a Request?

    If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.

    ComplexDiscovery is an online publication that highlights cyber, data, and legal discovery insight and intelligence ranging from original research to aggregated news for use by cybersecurity, information governance, and eDiscovery professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding cyber, data, and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.

    ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of cyber, data, and legal discovery organizations. Focused primarily on supporting the ComplexDiscovery publication, the company is registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world. The company operates virtually worldwide to deliver marketing consulting and services.

    Data Corpus Minimization? IDC Recognizes DISCO as Early Case Assessment Software Leader

    “As innovation continues to impact and disrupt the legal world, we’ve...

    Building a Cybersecurity Workforce? The European Cybersecurity Skills Framework

    According to ENISA's Executive Director, Juhan Lepassaar, "The future security of...

    Leaning Forward? The CISA 2023-2025 Strategic Plan

    The purpose of the CISA Strategic Plan is to communicate the...

    Continuous Risk Improvement? Q3 Cyber Round-Up From Cowbell Cyber

    According to Manu Singh, director of risk engineering at Cowbell, "Every...

    eDiscovery Mergers, Acquisitions, and Investments in Q3 2022

    From HaystackID and Relativity to Exterro and TCDI, the following findings,...

    Allegations and Denials? Nuix Notes ASIC Enforcement Proceedings

    The recent investor news update from Nuix on 29 September 2022,...

    Revealing Response? Nuix Responds to ASX Request for Information

    The following investor news update from Nuix shares a written response...

    Revealing Reports? Nuix Notes Press Speculation

    According to a September 9, 2022 market release from Nuix, the...

    On the Move? 2022 eDiscovery Market Kinetics: Five Areas of Interest

    Recently ComplexDiscovery was provided an opportunity to share with the eDiscovery...

    Trusting the Process? 2021 eDiscovery Processing Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    The Year in Review? 2021 eDiscovery Review Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    A 2021 Look at eDiscovery Collection: Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    Five Great Reads on Cyber, Data, and Legal Discovery for September 2022

    From privacy legislation and special masters to acquisitions and investigations, the...

    Five Great Reads on Cyber, Data, and Legal Discovery for August 2022

    From AI and Big Data challenges to intriguing financial and investment...

    Five Great Reads on Cyber, Data, and Legal Discovery for July 2022

    From lurking business undercurrents to captivating deepfake developments, the July 2022...

    Five Great Reads on Cyber, Data, and Legal Discovery for June 2022

    From eDiscovery ecosystem players and pricing to data breach investigations and...

    Bubble Trouble? eDiscovery Operational Metrics in the Fall of 2022

    In the fall of 2022, 89 eDiscovery Business Confidence Survey participants...

    Cooler Temperatures? Fall 2022 eDiscovery Business Confidence Survey Results

    Since January 2016, 2,874 individual responses to twenty-eight quarterly eDiscovery Business...

    Inflection or Deflection? An Aggregate Overview of Eight Semi-Annual eDiscovery Pricing Surveys

    Initiated in the winter of 2019 and conducted eight times with...

    Changing Currents? Eighteen Observations on eDiscovery Business Confidence in the Summer of 2022

    In the summer of 2022, 54.8% of survey respondents felt that...

    A Significant Operational Defeat? Ukraine Conflict Assessments in Maps (September 27 – October 1, 2022)

    According to a recent update from the Institute for the Study...

    Perception and Reality? Ukraine Conflict Assessments in Maps (September 22 – 26, 2022)

    According to a recent update from the Institute for the Study...

    Nuclear Options? Ukraine Conflict Assessments in Maps (September 17 – 21, 2022)

    According to a recent update from the Institute for the Study...

    Mass Graves and Torture Chambers? Ukraine Conflict Assessments in Maps (September 12 – 16, 2022)

    According to a recent update from the Institute for the Study...