Catch up on Part 1 here.
Security and autonomy almost feel like two puzzle pieces that shouldn’t fit together. But Larry Ellison, CTO of Oracle seems to have found a way.
Fully automated cyber security makes businesses queasy. As advanced as computers are today, we still see hacks in even the most secure databases. Consequently, we feel obliged to keep our finger on a kill switch for fear hackers will inevitably exploit a hole in our firewalls and encryptions. Even worse, we are afraid that if we set our system to automate a full lockdown, we will barricade ourselves out of valuable data.
But what about partial automation?
That’s the approach Ellison is bringing to the market. In his OpenWorld demonstration, Ellison showed how database security automation could detect and learn irregularities.
Say a sales executive suddenly logged in from an IP address in the Ukraine. Sure, that seems like atypical behavior, but maybe the executive is just traveling. However, the system knows it’s out of the norm. It makes a “mental note” and looks for additional inconsistencies. Perhaps then the database detects that the user also fails password attempts multiple times. Curiouser and curiouser. The system might send a warning to management of a potential threat. Suddenly, the user does a system query for high-value and confidential files – maybe ones he shouldn’t have access to. This is a huge no-no and the AI sends out a red alert. Management shuts down this would-be-hacker in real-time.
This scenario shows the system as an intelligent security monitoring and management system. Power to abort users still remains with an ascribed security specialist. But the system makes it significantly harder for attackers to navigate a database unnoticed. The human element insures that users aren’t just booted for accidental password mistakes or data mishaps. Instead, they are evaluated according to their threat level.
The purpose of automation in cyber security is to remove human error – often in the form of oversight. Ellison explains that because the database is autonomous, it patches in real-time. Assuming a threat does occur, once a security professional confirms the threat, the database repairs itself and learns to safeguard from future attacks.
Even with all of the security technology today, threats still slip through the cracks. It is important to stay ahead of security, but humans don’t have the attention span to stare at dataflow and wait for an inevitable hack. We need automation to further our security agenda. We need something to notify I us only when it is necessary so we can focus on the other, more profitable aspects of our business. Maybe Oracle is the answer.
Call 1-800-553-8159 to learn more about Five9