From HAL 9000 to Skynet and the Nexus Replicants, sci-fi literature is filled with doom-laden prophecies of what might happen if we let the machines have their way. In cybersecurity, the rise of the robots has already begun, as we look to AI and machine learning to tackle advanced threats and plug serious industry skills gaps. These technologies are incredibly useful to us in the fight against online threats. But at NTT Security, we’re also careful not to hand too much power to the machines – not because we’re worried they might one day produce an army of killer Terminators, but because we know that human expertise is vital to the success of these systems.

That’s the value of managed security services providers (MSSPs): using the latest technology plus industry leading expertise to offer maximum protection.

Organisations around the globe seem to agree. In fact, new findings from our 2017 Risk:Value report reveal that 44% of firms are using or planning to use MSSPs. Nearly a third (28%) because of a lack of internal skills and 29% because they want access to better technology.

A skills cliff edge

We are heading for a cybersecurity skills cliff edge, with a global shortfall of industry professionals set to reach 1.8m by 2020. This is coming at precisely the time when nation states, financially motivated cyber criminals and hacktivists are stepping up their own efforts. The global WannaCry attacks proved just how unprepared organisations are to tackle sophisticated global threats.

More covert information-stealing raids are harder to quantify, but make no mistake they are happening all the time, and have the potential to cause even more financial and reputational damage. Given strict new compliance requirements – and major fines – set to land in May 2018 with the GDPR and NIS Directive, organisations can’t afford to let their lack of in-house expertise impact the business.

The value of MSS

Machine learning can certainly help to overcome skills shortages – we’ve been using it in highly effective ways for over 15 years. But who watches the watchmen? Ultimately, human eyes and expertise need to make sense of the data identified by these systems as relevant, and decide what is important. At NTT Security, we combine supervised and unsupervised machine learning, big data analytics and other techniques to find the proverbial needle in haystack, and then use our team of SOC experts to analyse that needle.

Highly sophisticated attacks are often composed of a series of isolated events – possibly days or weeks apart – which may seem harmless when viewed individually, but add up to a suspicious pattern. If you see someone suspicious one day scoping out your house, you may think nothing more of it. However, you might see that same person a few days later round the back of the house. A day or so after that you might notice your porch light isn’t working. These are all signs taken together that your place might get robbed. In cyber terms, this is where machine learning approaches can help identify the patterns that can indicate a serious threat – but you need that human enrichment to minimize errors and add true value. 

It’s perhaps no surprise, then, that we’re seeing attitudes towards using MSSPs changing.  Aside from the 44% using or planning to use a trusted third party to bolster their cyber defenses, a further 28% said they may consider doing so in the future. That’s good news for everyone, except the bad guys.