Artificial Intelligence and Machine Learning Play a Role in Endpoint Security
ML-enhanced endpoint protection can keep schools safe from cyberattacks. Here are three benefits district leaders will find when investing in this advanced technology.
Long before the pandemic, K–12 cyberattacks were a serious concern. The shift to remote learning has only increased the danger. “Supporting digital transformation initiatives and a remote work model has led to a dramatic increase in the exposed edges of the network,” says Bob Turner, field CISO of higher education at Fortinet. “At the same time, malware, ransomware and other threats continue to challenge schools by exploiting inconsistently protected endpoint devices.”
The effects of an attack can be significant. IBM’s “2021 Cost of a Data Breach Report” notes that it can take an average of 287 days to identify and contain a data breach — and the longer it takes to identify, the more costly it becomes.
K–12 institutions have discovered an emerging solution: machine learning–enhanced endpoint protection. A type of artificial intelligence, machine learning uses immense computer power and algorithms trained on large amounts of data. It learns comprehensively to apply the knowledge it gains to monitor and render insights at a scale beyond human ability.
Traditional endpoint protection is reactive, responding once something has happened. Endpoint protection with machine learning is proactive, capable of studying an almost limitless amount of network traffic, logging information and app installations for anomalous activity. “Security technologies with artificial intelligence capabilities have the potential to anticipate attacks and counter them in real-time,” says Turner. “Given that cyberattacks occur in seconds, the speed brought by AI-driven security technologies is crucial.”
That’s not the only benefit. Here are three more:
1. Scale Security as Endpoints Increase
Because of the recent shift to remote learning, the number of endpoints has exploded. “Thousands upon thousands of new Chromebooks just magically appeared out of nowhere at school divisions that never had a one-to-one program before,” explains Tim Tillman, CTO of Chesterfield County Public Schools in Virginia. That’s created a significant challenge.
Protecting so many users and devices from cyberattacks is no easy task. “These environments are really hard to lock down because they sprawl,” says Victor Marchetto, senior information security field architect at CDW.
ML-enhanced endpoint security can sprawl easily because it’s not limited by number of endpoints or geography — only by the budget to acquire it from a service provider and computer power. It can cover all the additional devices that have made their way into school ecosystems without any strain or loss of performance.
2. Relieve Understaffed K–12 IT Teams
School districts have long struggled to meet their cybersecurity staffing needs. “They’re like a small business in terms of staffing, but they’re more like a big enterprise in terms of scale,” says Nicko van Someren, Absolute Software’s CTO.
Tillman can attest to that. “I have 65 schools and 65,000 students,” he says. “I have one person who does cybersecurity.”
The recent expansion of endpoints has only increased the challenge of hiring sufficient staff to protect schools, especially with the growing threat of ransomware attacks heightening the stakes.
The “machine” part of machine learning means a smaller staff isn’t a concern. ML can do the work of several people, and do it with a singular focus not possible when staff members, teachers or IT leaders are pulling double duty as the resident cybersecurity professional.
That’s not to say AI/ML is a replacement for humans. While AI-driven security solutions can be configured to automatically respond to threats, they will also notify staff as appropriate — but only under certain conditions, ensuring staff can go about their regular work of managing the technology environment until a true threat appears.
3. Save the District Money with Advanced Protections
K–12 districts often don’t have significant cybersecurity budgets. That’s partly why endpoint protection is so underfunded. Machine learning offers a cost-effective solution. “It’s about helping them do more with less,” says Someren.
AI/ML can offer enhanced protection, without increasing staff or putting a major dent in a school’s budget. Because machine learning is advanced technology, it may not be cheap. However, “one dollar spent on the preventive response capabilities of any organization is going to equal five or six dollars spent dealing with a disaster,” says Marchetto. “It’s definitely more expensive to have to deal with a fire than to buy a fire extinguisher.” That’s especially true as, increasingly, the cybersecurity insurance market refuses to provide policies to school districts unless a certain level of a security has been met.
Despite the ability of ML-enhanced endpoint protection to improve security, schools should not depend solely on it. Security training and awareness among administrators and staff is still crucial. “Effective cybersecurity balances people, processes and technology,” says Turner. What AI-driven endpoint protection offers is a comprehensive safety net — one that is kind to budgets, supportive of staff limitations, can scale with the rise of remote learning and provide peace of mind.
This article originally appeared on edtechmagazine.com, to read the full article, click here.
Nastel Technologies is the global leader in Integration Infrastructure Management (i2M). It helps companies achieve flawless delivery of digital services powered by integration infrastructure by delivering tools for Middleware Management, Monitoring, Tracking, and Analytics to detect anomalies, accelerate decisions, and enable customers to constantly innovate, to answer business-centric questions, and provide actionable guidance for decision-makers. It is particularly focused on IBM MQ, Apache Kafka, Solace, TIBCO EMS, ACE/IIB and also supports RabbitMQ, ActiveMQ, Blockchain, IOT, DataPower, MFT, IBM Cloud Pak for Integration and many more.
The Nastel i2M Platform provides:
- Secure self-service configuration management with auditing for governance & compliance
- Message management for Application Development, Test, & Support
- Real-time performance monitoring, alerting, and remediation
- Business transaction tracking and IT message tracing
- AIOps and APM
- Automation for CI/CD DevOps
- Analytics for root cause analysis & Management Information (MI)
- Integration with ITSM/SIEM solutions including ServiceNow, Splunk, & AppDynamics