The curious case of data security: securing your information in a digital worldVivek Kumar
The age of the technological revolution is here. Sophisticated technology surrounds us everywhere we go. From smart personal assistants powered by Artificial Intelligence (AI) to self-driving cars, technology has permeated almost every aspect of our lives. However, the more sophisticated technology becomes, the higher becomes the atrocities of cybercrime. Organizations around the world continue to face data breaches and cyber threats from highly experienced and skilful cybercriminals.
Data isn’t safe anywhere
With cybercrime on the rise, IBM’s Chairman, CEO, and President, Ginni Rometty, maintains that data security breaches or “cyber crimes” is today the greatest threat to companies across the globe. According to a Juniper Research study, by 2019 the estimated cost of global data security breaches will reach $2.1 trillion! In the light of the recent data security leaks by Facebook, it can now be concluded that data isn’t safe anywhere, or from anyone. By now, almost every Facebook user is aware of the fact that the social media giant tracks their every move. Earlier this year, in April, Facebook released a 222-page document before the US Congress, admitting to tracking user data in myriad ways.
From monitoring and tracking mouse movements of users to gathering information about the devices, browsers, mobile operators, ISPs, and IP address of users, Facebook has gone to extreme lengths to collect user data. Testifying before US Senators, Facebook CEO Mark Zuckerberg defended the firm’s mouse tracking activity by stating that Facebook tracks mouse movements of users to determine whether they are humans or bots.
Is AI the next big threat to data privacy?
Today, Artificial Intelligence (AI) is penetrating industries and businesses exponentially. Even though AI technology is making our lives much more convenient and comfortable, there are repercussions of this technology. AI is all about leveraging data and ‘learning’ from data. AI systems require way more information (data) than humans to understand and learn concepts or recognize features. This is where the question arises – can AI technology be leveraged to misuse data?
The answer is yes. According to the Malicious Use of Artificial Intelligence report, AI brings with it myriad possibilities of threats in the spheres of cyber, political, and physical security. The report further maintains that as AI technology continues to become more sophisticated and advanced, it will become easier for cyber-criminals to violate data security and carry out cyber attacks leveraging AI technologies such as automation. Cyber criminals can use AI to automate specific tasks associated with cyber attacks, thereby boosting the efficacy of attacks significantly.
Thus, we cannot ignore the fact that the opportunities for cyber threats are ripe even in the digital age, where we have access to advanced technologies such as AI. Cyber-criminals will continually try to find loopholes in these developing technology infrastructures and use them to their advantage if proper measures are not made to stop them.
The Machine Learning advantage
In the light of ever-increasing cyber-crime, Machine Learning could be the answer to data security issues. ML technology can be leveraged in numerous ways to fortify data security and prevent data breach.
First, ML applies pattern-matching and constraint-based algorithms to analyze the behaviour patterns of users accessing systems containing sensitive data. While compromised ID credentials and passwords are the two most common types of data breach, it can be prevented by using ‘risk-based’ ML models that “learn” from human behaviour. As ML models continue to learn human behaviour, user authentication processes improve significantly.
Second, using ML technology, companies can apply predictive analytics to the data sources that are most vulnerable to security threats. With predictive analytics, ML can increase the visibility of potential security threats along with threat identification at such a sophisticated level that facilitates both predictive response and incident prevention. Today, hackers use covert malware to track and hack critical data from corporate servers, and their techniques are so advanced that monitoring and re-mediating malware is quite a challenge. However, machine learning algorithms have already been embedded in SAP S/4HANA.
This helps monitor suspicious breach activities arising from both social media and the “dark” web. For instance, Google leverages machine learning to identify and mitigate malware from infected Android handsets as well as to detect and analyze threats against mobile endpoints running on Android.
Although ML technologies are still developing, they are showing immense potential to counter cyber-crimes and data security threats. Today, the Internet is buzzing with highly informative and resourceful Machine Learning and Artificial Intelligence courses. Since job prospects in AI and ML across various industries are increasing by the day, it is a great time to start off your career in these fields with the help of introductory and advanced online courses. Organizations are constantly on the lookout for talented data professionals who can skillfully leverage AI and ML technologies to add value to their organizations.
Reclaiming your digital privacy
Although we no longer have much privacy left in the digital realm, yet it is not too late to reclaim our data privacy. For long, users have been exchanging their privacy rights for accessing the facilities of web and mobile apps, without even realizing it. Facebook is an excellent case here. For instance, let’s take Facebook Connect. While Facebook Connect is a very convenient app that allows users to access multiple websites using their Facebook credentials, every single click by a user could give the social media giant the right to harvest personal data. How many of us really thought about these serious privacy issues before the Facebook controversy came to the fore?
Unlike before, users today have the choice to take charge of their personal privacy in the digital domain. GDPR, or the General Data Protection Regulation, is a massive step towards protecting personal privacy. Replacing the Data Protection Directive (DPD) and The UK Data Protection Act 1998, GDPR was approved by the EU Parliament on April 14, 2016. From May 25, 2018, GDPR became a fully effective law throughout all the 28 states of Europe. While GDPR seeks to protect personal data of European citizens, it also demands that every organization in possession of personal data should discard “irrelevant and outdated personal data”.
GDPR identifies personal data as anything that’s directly or indirectly linked to an individual, be it a name, an image, an email address, social media posts, and even an IP address. Everything is subject to the same statutes under GDPR and must be protected diligently. This is indeed a significant step that the EU Parliament has taken to help citizens take greater control of their personal data, and also protect their online privacy. It is an example for the rest of the world.
As long as technology will continue to advance, the instances of cyber-crimes and threats posed by cyber-criminals will also become more sophisticated and complex. But, it is up to us to find creative ways to leverage innovative technologies to protect our data.
Vivek Kumar is the President of Consumer Revenue at UpGrad, an online education platform.
(Disclaimer: The views and opinions expressed in this article are those of the author and do not necessarily reflect the views of YourStory.)