
Cybersecurity firm Cylance offers products and services that help prevent cyber threats and malware. The firm helps hundreds of enterprise clients around the world, including Fortune 100 organizations and government institutions.

Cylance Chief Product Officer Rahul Kashyap talked to International Business Times about how artificial intelligence is boosting cybersecurity and about products his company offers.

How has artificial intelligence improved cybersecurity?

Artificial intelligence is currently improving enterprise cybersecurity in two primary ways. First, it addresses the need for security teams to rapidly scale their response to meet the dramatic rise in the volume and varieties of malware being fired at their networks on a daily basis. People don’t scale; algorithms do.

Secondly, AI and machine learning are ideal for evaluating whether a program that’s attempting to execute on network endpoints is benign or malicious. This was the idea behind the founding of Cylance five years ago: teach a machine to recognize the characteristics of good and bad programs before those programs begin to run. Over five years of training, the mathematical model in CylancePROTECT has learned to recognize hundreds of thousands of “features” of benign and malicious code. The rapid maturing of the system is what allowed a nearly two-year-old model of CylancePROTECT to recognize WannaCry as malicious and instantly quarantine it.

How exactly does Cylance understand and predict an attacker’s mentality?

Cylance team was built [and] was co-founded by Stuart McClure and Ryan Permeh. Stuart was the lead author of “Hacking Exposed,” the first and still most authoritative book on the ways that threat actors attempt to infiltrate networks and exfiltrate sensitive data and intellectual property. We’ve often said that the ways that attackers attempt to break in and steal what isn’t theirs haven’t changed since networks were first created.

Malware strains may mutate, phishing scams may become more sophisticated, but the underlying tactics for penetration and ultimate control of networks remain the same. Cylance has trained its machine-learning model and the resulting algorithms that protect endpoints to recognize the characteristics of malicious code based on hundreds of millions of strains of malware. Our Cylance threat analysis team continues to study new malware every day and we continually train our AI model. However, the basic ways that attackers attack are the same as they were in 1999, when the first edition of “Hacking Exposed” was published.

What is Cylance’s most popular product and how does it work to protect clients?

CylancePROTECT is Cylance’s flagship product, and it protects our customers every day around the world by running silently in the background, requiring no daily updates, and by blocking nearly all malware types without requiring intervention by security teams. Third-party testing over the past year has shown time and again that CylancePROTECT blocks from 98% to 99.69% of malware types, including those that have been packed or mutated and are routinely missed by traditional antivirus products.

We recently released CylanceOPTICS, an endpoint detection and response (EDR) tool for security teams who want a simple way to gather contextual information about threats that CylancePROTECT may have blocked – such as how the malware first got into the system – and to rapidly arrest the fewer than 1% of attacks that weren’t automatically blocked and quarantined. This year we also released CylancePROTECT Home Edition for the protection of our customers’ employee home devices. After all, malware works from home just like employees often do.

What is the biggest cybersecurity challenge for Cylance?

We are constantly working on ways to simplify security for organizational security teams, who are typically overwhelmed with threats and alerts. Our approach to security is to focus on simplicity and scale. In actual practice, these two things are incredibly hard to implement and architect. We need to continue to innovate and convert complex security problems into simple, understandable solutions, and my team at Cylance is committed to leading the way.

If you had to give only one piece of cybersecurity advice to an ordinary citizen, what would it be?

I really have two pieces of advice, both important. The first is to use different and somewhat complex passwords for every online site that stores any of your personal information, and to use a phrase containing both words and numbers that is meaningful and easy for only you to remember. The second is not to click on any links or attachments in emails that appear to be unusual in any way, such as emails about package delivery coming at a time when you haven’t placed an order and aren’t expecting deliveries.