Lost in Transformation: How AI is Saving DX Projects

Securing Digital Transformation Projects Isn’t as Straightforward as Buying More Security Tools or Hiring More Security Professionals

Writing about digital transformation (DX) projects already feels a tad old-fashioned. At a time when virtually every organization is virtual to some extent, and in a year when the world will consume twice as many bytes of data as there are stars in the observable universe, you’d be hard-pressed to find a company that isn’t digitizing its operations. For the foreseeable future, the global economy itself could be described as one enormous, frantic, and constant digital transformation project.

Yet it is precisely this frenzy to keep pace with the march of progress that renders DX more relevant — and more perilous — than ever before. As businesses rush to implement some bespoke combination of cloud, mobile, and IoT infrastructure, security is often not involved in all aspects of that process. A recent survey by PwC found that while emerging technologies and their successful implementation are critical to most businesses, far fewer organizations are confident they have sufficient security controls in place.

It should be noted that most companies do recognize the need for robust cyber defenses in general — the record $114 billion they spent on such defenses last year represented a 13% uptick from 2017. The increasing impact of online attacks, however, reveals that safeguarding DX projects isn’t as straightforward as buying more security tools or hiring more security professionals. Compared to digital transformation initiatives of the past, when businesses adopted traditional IT and worried about conventional malware, modern DX undertakings introduce exponentially greater network complexity, while the threats these networks face can neither be detected nor contained using previous methods. 

Same players, whole new ball game

Because the nature of digital transformation has itself transformed, our approach to cyber security must evolve as well. For one, IoT devices like smart thermostats and connected refrigerators are designed to maximize convenience, meaning that many lack even rudimentary controls. An even more significant blind spot is the cloud, where many companies don’t bother looking for malware, under the assumption that cloud service providers will shield them from attack. Yet Gartner anticipates that 99% of cloud security failures will be the customer’s fault through 2023, in part because developers can now spin up a cloud instance in minutes without consulting their company’s security team. 

For non-technical executives, many of whom have overseen digital transformation projects for a decade plus, this evolution of the cyber-threat landscape is hard to notice and even harder to address. Further complicating matters is the fact that such projects — from IoT deployments to SaaS migrations — entail rapid changes to workflows and network topologies. Meanwhile, common security tools like SIEMs typically take at least six months to configure and need constant feeding. It’s easy to see why digital transformation managers are tempted to ignore security concerns altogether in the context of these conventional tools, because, at best, they make DX a far slower proposition.

At worst, the conventional approach to cyber defense renders digital transformation untenable, since it fails to secure the vulnerabilities exposed by current computing models. The reality is that these vulnerabilities are still poorly understood, and with each new IoT device and cloud application, additional attack vectors emerge. Sophisticated criminals are exploiting the situation by creating novel strains of malware on a daily basis; in 2019, there has been a significant year-over-year increase in IoT attacks and a rise in cloud attacks. Such novel threats are the kryptonite of legacy tools, which are programmed to spot known indicators of compromise. 

Finding truth with AI

Given that digitally transforming organizations are characterized by their dynamism, the security tools they deploy must be able to adapt ‘on the job’ — rather than predefining malicious behavior with fixed programming. The latest cyber AI security tools aim to do just that. By continuously learning and refining what constitutes normal activity for each unique user, device, container, and virtual machine that they safeguard, these tools reveal the novel attacks and shifting vulnerabilities that accompany DX projects. 

Moreover, the applications of cyber AI extend well beyond security. One of its most profound benefits is speed, since its self-learning nature allows companies to achieve visibility over newly adopted cloud services within hours — as opposed to manually configuring other tools to do so over several months. In addition to dramatically expediting DX projects, AI platforms also reduce their costs by calling attention to cloud instances that have accidentally been left active, as well as by laying bare redundancies caused by insufficient internal communication. This latter point is perhaps the most important takeaway: ensuring that digital transformation projects succeed entails unifying many disparate technologies, workstreams, and initiatives run by isolated departments. 

Around the globe, the race is on to deploy the latest technologies just a little bit faster than the competition. But winning this race in the short run could have disastrous implications in the long run — at least without proper due diligence. Digital transformation projects today are extraordinarily complicated ventures that introduce thousands, even millions of new connections between users, devices, and virtual machines. In theory, these connections facilitate vastly streamlined communication. In reality, they bring the potential for stultifying complexity, impassable security roadblocks, and fundamental ambiguity over who exactly holds the keys to the kingdom. For all these reasons, according to Forbes, 84% of digital transformation projects fail to achieve their goals.

As executives, developers, security teams, and third-party vendors struggle to exert their influence on digital transformation — often without the other parties’ knowledge — online threat actors are exploiting the chaos for their own gain. Cyber-attack has become, by far, the most significant risk facing the modern enterprise, a risk exacerbated by cutting security corners and by employing legacy tools that keep DX initiatives in the dark. Saving digital transformation therefore requires shining a light on the entire process, across the entire enterprise, in real time. It requires finding truth amid uncertainty. In other words, it requires AI.

Justin Fier is the Director for Cyber Intelligence & Analytics at Darktrace, based in Washington D.C. With over 10 years of experience in cyber defense, Fier has supported various elements in the US intelligence community, holding mission-critical security roles with Lockheed Martin, Northrop Grumman Mission Systems and Abraxas. Fier is a highly-skilled technical officer, and a specialist in cyber operations across both offensive and defensive arenas.