It’s been three years since WannaCry happened in May 2017, a month which will forever be etched in the memory of some of the largest global conglomerates. WannaCry is considered one of the most sophisticated ransomware attacks till date and spread like a raging wildfire, infecting more than 230,000 computer systems in 150 countries, and causing a reported loss of $4 billion. Ironically, Microsoft preempting the vulnerabilities had released patches two months before the attack but both consumers and companies did not recognise the gravity of the situation and failed to move quick enough to patch their systems.
What is even more unfortunate is that even after three years, Companies continue to be as vulnerable as they were in 2017. The popular Maze ransomware sprung back to life during the COVID-19 pandemic and multiple Fortune 500 companies such as Cognizant, LG Electronics, Xerox amongst others have already fallen prey to this attack in 2020.
This begs the question – have businesses not been able to take the correct preventive measures or are cybercriminals far too sophisticated and the white hats are only playing catch up?
While experts in the industry have spoken about the need of proactive and predictive cybersecurity, businesses continue to largely depend on traditional security approaches and vulnerability assessments to measure their security posture. But with the pandemic forcing most of us to operate almost exclusively on our screens, our identities are now locked in databases making the canvas of a hacker also expand.
Data science most importantly might be the next big answer to the world’s cybersecurity woes. In fact, multiple cybersecurity companies are now investing heavily into machine learning, artificial intelligence, data science and other related fields to edge ahead of the cybercriminals.
How can a data scientist help cyber experts?
“Data is the new oil” and it is what makes or breaks businesses today, in the 21st century. From large technology businesses to traditional brick & mortar logistic companies, everyone is analyzing user data to become profitable. This is what entices cybercriminals to hack into your data. By 2023, it is estimated that cyber-criminals will steal an estimated 33 billion records.
This brings us to the point of how data scientists can play a pivotal role in cybersecurity. A recent report from Indeed highlights that there has been a 29% increase in demand for data scientists year on year and a 344% increase since 2013. Learn more about the demand for data scientists. Cybersecurity is one of the prime drivers for this sharp increase in demand.
In simpler terms, modern data science involves studying, processing, and extracting valuable insights from a set of information making data scientists a key figure in the puzzle of predictive cybersecurity. Data scientists can use ML and AI to identify potential cybersecurity threats, and this allows them to predict risks based on past exploits and behavior patterns.
For example, with the help of data science, you can identify patterns on your e-commerce website and when it is hit with Distributed Denial of Service (Ddos) the most and take necessary steps to prevent it. Similarly, you might see that most of the network based cyberattacks in your organization happen at a certain period of time in the day.
Data science and cybersecurity have to function hand in hand
The adoption and implementation of data science help organizations to measure the effectiveness of their information security in better ways. Data scientists can feed machine learning algorithms with historical and current information about cyber intrusions. Machine learning algorithms is an impressive feature of data science and significantly increases the chances of detecting loopholes in an information security environment.
New-gen cybersecurity tools are continuously upgrading with data science capabilities including behavior-based analytics and responses into antivirus suites, firewalls, and traffic analyzers to make their products smart. In the last few years, cybersecurity as an industry has matured rather quickly with frameworks such as the NIST Cybersecurity Framework and the Federal Information Security Management Act (FISMA) to guide businesses towards applying best practices within their security strategy.
The challenge that most security & risk management leaders yet face is how to secure the black-box algorithms — products of data science programs — that learn and grow dynamically.
These analytics models are extremely dynamic and are highly valuable to enterprises. As a result of this, cybersecurity professionals will need to determine standards and methods for protecting these models and ensuring their integrity. To do so, they will need to protect these assets from the outside in and the inside out.
According to an IBM-Ponemon Cost of Data Breach report that was released before the pandemic, businesses across the world stood to annually lose a whopping $3.92 million on an average. With the pandemic increasing the dependency on digital by multiple-folds, this number has only increased.
Don’t let your organization contribute to this figure and start investing in data science and predictive, proactive and enterprise wide cybersecurity to be able to thwart the already sophisticated cyberattacks we are seeing.
For data-scientists, cybersecurity is not just another avenue of success and career, it is one of the most compelling opportunities that the modern day provides. As Albert Einstein had once said – “In every crisis, lies great opportunity.” and today, is your opportunity to make a difference.
If you are curious to learn more about data science, check out IIIT-B & upGrad’s PG Diploma in Data Science which is created for working professionals and offers 10+ case studies & projects, practical hands-on workshops, mentorship with industry experts, 1-on-1 with industry mentors, 400+ hours of learning and job assistance with top firms.