1. Leverage Security Analytics to Speed Up Threat Surveillance
AI is a necessary tool for higher education institutions because of the sheer size of their networks, and the speed at which bad actors can launch AI-based cyberattacks, says Von Welch, executive director for cybersecurity innovation at Indiana University and director of IU’s Center for Applied Cybersecurity Research.
“It’s critical to have faster and faster responses, in the middle of the night, on holidays and in general,” he says. Higher education CISOs, he continues, need ways to “take care of the background noise of these threats as quickly and at scale as possible.”
That’s why the University of Tennessee Health Science Center started using CB ThreatSight, a managed threat hunting service from VMware Carbon Black. The tool gave them “a whole set of eyes looking over everything,” according to a recent case study published by Ammar Ammar, University of Tennessee Health Science Center IT security analyst. “We recently had an outbreak of weaponized documents,” Ammar said in the case study. “CB ThreatSight immediately identified the issue, and we were able to block them from coming through on the exchange.”
AI-oriented vulnerability management capabilities will only keep improving, says Chris Wessells, senior higher education strategist at Dell Technologies, which worked with the University of Tennessee on this solution.
“In the future, we’ll see much more active prevention and detection happening within core aggregation groups around the world,” Wessells says. That includes identifying threats from known active adversaries and training AI to detect them.
More from EdTech: A 5-Year Vision for Artificial Intelligence in Higher Education
2. Use Deep Learning in Cybersecurity to Bolster Vulnerability Management
As networks grow, so does the number and magnitude of the threats they face, along with the speed in which those threats move. This is another burden AI takes on, says Mike Spisak, CTO of security for IBM Garage, an innovation consultancy within IBM. AI, Spisak says, can “speed up the ability to respond to vulnerabilities and threats.”
Because AI constantly learns and evolves, its capacity for vulnerability management improves the longer it’s in place. “As it responds to things in a positive way, that feedback is fed into the system,” Spisak says. “It grows and gets better over time.”
AI will not replace analysts looking for threats, but it can help to identify AI cyber attacks faster so that they can “make better, more informed decisions about vulnerabilities as they happen,” Spisak concludes.
3. Maximize AI to Detect Network Security Cyberattacks
Because of the noise-to-signal ratio, network security is particularly challenging for colleges and universities, says Kayne McGladrey, CISO and CIO of Pensar Development and member of the technology industry group IEEE.
“Every university has a whole crop of new individuals who come into the organization on an annual or quarterly basis,” McGladrey explains. With such a frequent influx of new arrivals bringing their own devices and computers, it’s essentially impossible for university IT teams to control the sheer number of new endpoints.
AI can identify networking traffic, assess what “normal” looks like on a university network and do it at a larger scale that humans can accomplish. Thus, if a “faculty member normally arrives at 8 a.m., does work until 7 p.m. and then maybe logs on to her email at 9 p.m., you wouldn’t expect that individual to be up at 3 a.m. connecting from China. AI can monitor those patterns of normalcy,” he says.