The current approach to network security is compliance—what the auditor tells you that you need. The focus isn’t necessarily making the network more secure; rather, making it more compliant with newer standards such as Payment Card Industry Data Security Standard (PCI-DSS). While this is the current landscape, it isn’t ideal for catching new and emerging network and application security threats.
There’s a new generation on the horizon and it is approaching fast. Emerging technologies in network security involve artificial intelligence (AI) running and integrating with the security space both physically and virtually. Properly tuning AI allows it to identify patterns much quicker than humans. For example, imagine a user who leaves for an afternoon coffee break. This user accidentally leaves their computer unlocked. Now imagine an AI solution that is able to tap into the organization’s Active Directory and the user’s local system. It then assesses that the user’s system is idle and that the same user has badged out of their office building. The AI system automatically locks the user’s desktop and notifies them that it has taken this action.
It identifies when the user’s account is accessed remotely (presumably for malicious purposes) and taps into the firewall to block access from that IP address. Thus, it disables the user’s account until they have badged back into the office, or until another condition is met to re-enable the account. AI can also use facial recognition from security cameras to recognize when users are in the building.
This technology is now possible and could very well be where the network and software security industries are leading.
The Agile Security Manifesto