The cybersecurity talent shortage is a pressing concern for organizations today. We are set to hit 3.4 million unfilled positions by 2021, with 500,000 of those vacancies in North America alone. To offload some of the incident management responsibilities from InfoSec practitioners, Darktrace introduced a “Cyber AI Analyst” in September 2019. The Cyber AI Analyst is a new feature in Darktrace's flagship product, the Enterprise Immune System, and it functions as an “extra body” to intelligently create reports of suspicious activity on the company network that is worthy of investigation. The report uses language that reads as if it was written by a human and highlights the most relevant information so that IT can provide conclusions to their executives.
We obtained a demo of the technology with the interest of seeing how the Cyber AI Analyst feature worked, and it was impressive. The AI Analyst opened in a separate Incident Tray, with a list of the most pressing incidents at the bottom of the screen. Clicking on one of the incidents on the list opened a report on a suspicious file download accessed from an external endpoint.
The report contained a brief summary, a timeline of the incident from detection, connection information, and more details on the incident. While it was a detailed report, the brief summary at the top of the report effectively provided a quick rundown of the situation. The summary used terms that were understandable even to a nontechnical professional and provided insights without requiring a look at the details, including actionable recommendations on how to ensure systems were fully recovered from the incident. Additionally, we were shown how to translate the report into any language and even export it into a visually appealing, ready-for-management report.
Above: Image of Darktrace Threat Visualizer
Above: Image of Darktrace Incident Log
It can take several hours for a security analyst to compile information and create a report like the one Darktrace offers. Having a Cyber AI Analyst that can create reports quickly and at scale isn’t entirely necessary to securing your organization. However, you can certainly benefit from the offloaded task of synthesizing information and creating reports.
Spiceworks – which operates a community of IT professionals, marketplace, and free apps – has agreed to be acquired by Ziff Davis B2B, but says it will continue to prioritize and develop its products.
Microsoft is releasing free online courses for artificial intelligence. This is its attempt at remaining relevant in the AI space, so you might as well take advantage.
Network attached file storage has been around for decades but it is having a renaissance with scale-out and software-defined technologies. In spite of a range of disruptive storage technologies, organizations continue to need ever bigger file storage buckets and NAS can fill the need.