NETSCOUT: How Are Cyber Threat Actors Using AI?

NETSCOUT CTO Darren Anstee Shares Expert Insight Around How AI Is Being Used by Cyber Threat Actors, and How Businesses Can Best Defend Themselves

Darren Anstee is the Chief Technology Officer for security at NETSCOUT, a leading provider of performance management, cybersecurity, and DDoS protection solutions. In his role, Darren focuses on helping network operators, whether enterprise or service provider, manage the risks they face as technologies and business needs evolve.

The cyberthreat landscape continues to develop, with threat actors using more sophisticated attack vectors and methodologies and organisations struggling to protect themselves as they embrace hybrid multi-cloud infrastructure and hybrid working. Anstee explores the near future of cybersecurity for companies looking to tighten their belts as the global socio-economic landscape remains unsettled. 

The evolution of cyberattacks and cyber defense: AI and beyond

“Cybercriminals are likely to take advantage of artificial intelligence (AI) automation, using it to increase their success in a wide range of nefarious activities. Looking at distributed denial of service (DDoS) attacks specifically, expert systems that can optimise the attack vectors that threat actors deploy, based on reconnaissance scans and real-time performance test results, will become more mainstream,” Anstee says.

“AI is coming up more and more, with the technology already being used in lots of different ways. For example, AI is being used to isolate threat intelligence both more quickly and with greater efficacy, helping organisations to better defend themselves. Generative AI is being used to provide natural language assistance during threat analysis, helping organisations maximise the effectiveness of those in their SOC. As well as this, more ‘traditional’ AI is being used to help identify anomalies that would otherwise be missed.  All of this is expected to continue, with results improving further as we all learn more.

“However, there is a caveat – the old IT adage of ‘Garbage In Garbage Out’ still holds true. If you feed in poor data, you will likely get poor results, regardless of how sophisticated your algorithms are. To that end, where customers are looking to use AI, both for security and operations, there is an increased focus on acquiring datasets that balance collection and storage efficiency with the highest fidelity, to drive the best results from AI investment.”

Best practices for wider cyber defence 

“It is imperative for all enterprises to have an overall security strategy, broad enough to cover proactive risk identification and qualification, technology selection, and intelligence sourcing and use. It’s also key that the security technologies utilised should provide consistent visibility across the enterprise, removing blind spots at internal or external borders, and facilitating consistency through the detection, investigation, remediation, forensics and reporting workflow. Adding to this, the whole ecosystem should be as integrated as possible to reduce operational overhead and accelerate response,” he continues.

“Also, as per the Code of Practice on cybersecurity governance recently published by the UK government, the importance of an incident handling plan cannot be overestimated. This should be tested quarterly - or at worst every half year to keep it up to date – create familiarity and optimise processes.

“And, last but not least, we have to take everyone with us on the journey toward better security. Everyone must understand that they have a role to play in securing their organisation’s data and processes. This means that employees have to actually take on board the fact that failure to adhere to policies and best practices could have a significant impact on the business as a whole, as well as their career. 

“This goes beyond just clicking through an annual set of mandatory security training – this IS about culture – it’s about integrating security messages into communications from leadership, in inter-departmental reporting and into every other aspect of day-to-day business activity, so that security is always a consideration whether we are in the office, at home, or in a coffee shop.”


Make sure you check out the latest industry news and insights at Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024


Cyber Magazine is a BizClik brand 



Featured Articles

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

See Below for a Newly Announced Speaker List for Tech Show London 2024, as it Promises to Showcase Technology Trends Will Impact Various Sectors

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI

IT and OT security with Ilan Barda, CEO of Radiflow

Cyber Security