5 Minutes With: Sam Linford, VP EMEA Channels, Deep Instinct
Tell me about Deep Instinct and how it hopes to reduce stress in security teams?
Deep Instinct, founded in 2015, is the first company to apply end-to-end deep learning to cybersecurity. Our deep learning framework is one of only six in the world, and furthermore, is the only purpose-built deep learning framework dedicated to cybersecurity.
Through our deep learning solution, we shift organisations’ focus from responding to cyberattacks to preventing them pre-execution. Our deep learning brain can also go one step further by stopping zero-day malware and ransomware threats, with both superior accuracy and speed compared to other endpoint protection platforms (EPP).
Thanks to our advanced solution, we are able to take the stress and pressure off security teams by stopping the fastest cyberattacks before they enter the network or compromise endpoints, causing irreversible damage. Additionally, with such advanced processing power, security teams can see an immediate drop-off in mundane tasks such as false positives.
These claims are even backed by Lance James and his Unit-221B team, who validated that the Deep Instinct Prevention Platform can prevent malware execution with >99% accuracy and detect malware and attacks with <0.1% false positives.
Why is there so much stress and pressure placed on the C-Suite and the fear felt by those whose decision it is to pay ransom demands?
The cyber threat landscape has grown exponentially, and the task of protecting networks against sophisticated cyberattacks becomes increasingly more difficult. Ultimately, the pressure felt by cybersecurity professionals has resulted in them not only leaving their employer but the industry itself.
Deep Instinct’s research has shown that 49% of UK professionals have considered quitting the industry due to stress, with the unrelenting threat from ransomware and the fear of the next supply chain attack the primary factor. Furthermore, the situation is only getting worse, as nearly half felt their stress had measurably increased over the last 12 months.
It is not only the fear of when an attack will come but the pressures exerted when a ransomware attack hits. When ransomware attacks breach an organisation’s network, correct decision-making is crucial – it can be the difference between an enterprise surviving a cyberattack unscathed or it costing millions. This pressure normally ends up falling on the laps of C-suites and security leaders, and unfortunately, not all can handle the pressure.
Research by Deep Instinct found that 41% of UK professionals were worried an attack would negatively harm their future prospects, regardless of whether it was not directly their fault. Furthermore, 31% of individuals are concerned that they lost the trust of their colleagues and team. Because of the high levels of stress and paranoia experienced by individuals, it is nearly impossible to enjoy your time at work, which ultimately results in people leaving the industry.
How can organisations stop a cycle of stress and prevent themselves from becoming the victims of ransomware attacks in the first place?
Clearly, the mindset of reacting and mitigating cyberattacks is not working – ransomware attacks are continuing to grow, and it is pushing people away from the cybersecurity industry. Endpoint Detection and Response (EDR) tools that work on a reactive and mitigation approach are increasingly being evaded by the latest malware and techniques used by threat actors, and therefore, these solutions alone are not enough to guarantee protection against such attacks.
Therefore, organisations should flip their mindset by looking to prevent ransomware attacks. Having a prevention-first cybersecurity strategy means that security teams are able to stop ransomware attacks before they encrypt files and data. This would immediately lift the stress off security teams, as they would no longer feel like sitting ducks waiting for the inevitable ransomware attack to hit and wouldn’t have the pain of trying to recover their stolen data. Once there is acceptance, you then need to start implementing solutions which will help encourage a prevention-first strategy.
AI has proven to be an extremely useful tool in shifting an organisation’s mindset towards prevention-first. There is a consensus among cybersecurity professionals that AI-enabled tools are highly effective against sophisticated ransomware attacks. Our research has backed this claim up, with 47% agreeing that “they need greater automation through AI/ML to improve security operations,” and 79% saying they would rather depend on AI than humans to hunt threats.
Why is AI recognised as having the potential to reduce critical productivity challenges? What challenges can it help with?
While conventional machine learning-based security can provide support against known threats, it does have its limitations when it comes to zero-day threats and false positive rates. Therefore, organisations need to look towards advanced AI-based solutions such as deep learning, which can accurately prevent ransomware threats in real time with little human input.
Deep learning is developed through neural networks that are designed to mimic the human brain. The neural networks are trained on massive sets of raw data samples consisting of millions of files, with the deep learning “brain” independently teaching itself to detect which files are malicious and which ones are benign.
This results in the extremely intelligent system being able to stop the fastest known ransomware attacks in less than 20 milliseconds, this even includes unknown and zero-day threats. By preventing ransomware attacks, security teams can finally end the stressful situation of detection, response, and mitigation.
As well as quickly stopping threats, deep learning is able to identify them more accurately. Our research shows 85% of respondents spend on average, nine hours a week dealing with alerts caused by false positives. Even worse, a quarter admitted to turning off the ‘too noisy’ alerts altogether because they’re overwhelmed and don’t have the time to pay attention to them. This is ridiculous, especially when you consider that no other area of the business would allow such wastage.
However, with deep learning the majority of false positives are dealt with automatically. Security teams then have the time to properly deal with genuine security vulnerabilities, which not only secures the network, but means that employees see their work is having a meaningful impact on the business.
We know that cybersecurity industry can be a cool and fascinating job, however, not everybody gets that experience. It is equally important that along with inventing the coolest and latest ground-breaking technology, we also make it an industry that every single individual can love and not feel stressed, with deep learning this can be achieved.
What's next for Deep Instinct?
Deep learning technology has recently come into the mainstream with some of the biggest tech giants, such as Google, Netflix, Amazon, and Tesla, now using it to support their services. As we continue to develop deep learning, cybersecurity will be seen as the natural evolution of the technology.
We at Deep Instinct will continue to push the message of using deep learning to help support a prevention-first mindset. We will continue to adapt the solution to fight against future cyber threats across endpoints and also data in transit with our new Prevention for Applications solution.