It’s a fitting coincidence that Roger Moore made headlines on the day I interviewed David Masson.
Moore, whose passing was announced that same morning, was the most famous spy on the silver screen. Although Masson is the Canadian country manager for British cybersecurity firm Darktrace (which sounds like the title of a James Bond movie), he has a bit of a Bond-like history himself.
“I actually come from a government intelligence background,” Masson says.
“Can you tell me more about your government intelligence background?” I press him. “Or would you have to kill me then?”
“No,” he deadpans. “You can just take a look at my LinkedIn profile.”
So I do.
He’s from Scotland, just like original Bond actor Sean Connery. He speaks four languages, including Russian and Turkish. (Agent 007 was fluent in five languages and proficient enough at four others to charm his way out of any jam — except for co-starring with Denise Richards, apparently).
Besides serving in the U.K.’s Royal Auxiliary Air Force, Masson held security posts at the Scottish National Health Service, the British defence ministry and Public Safety Canada. His private sector experience includes anti-fraud work at AIG.
As he sums it up, “I’ve seen cybersecurity go from analogue to digital.”
In other words, he’s been working in IT security since way before the math geeks took over.
Not that Masson doesn’t respect the math geeks! He points out that algorithms are the key to Darktrace’s AI-based cybersecurity solutions. “We’re basically using machine learning and mathematics to help find anomalies in computer networks,” he says.
When WannaCry ransomware recently hit 300,000 computers in 150 countries, Darktrace was put to the test. Although some clients in the U.K. and Middle East were infected by WannaCry, Masson says Darktrace software detected the scourge “within seconds or minutes” and “nipped it in the bud.”
This very idea — that you can nip a cyber threat in the bud — is a seismic shift from the more recent prevailing attitude that, 1) breaches are inevitable, and 2) it’s more realistic to focus on mitigation and recovery instead of aiming for actual prevention.
The three A’s — AI, algorithms and automation — have made that shift possible. Now AI is gaining ground throughout the cybersecurity sector, even beyond startups like four-year-old Darktrace. And vendors such as Cylance Inc., which calls itself “an AI-based endpoint security company,” are helping it along.
This couldn’t come at a better time.
Most companies hit by ransomware do end up paying the hackers, according to a Scalar/Ponemon Institute survey of 650 IT pros released in February. Only 21 per cent of surveyed companies that were victimized by ransomware bothered to report the attack to law enforcement.
Why do so many corporate ransomware victims pay up and clam up? Scalar’s CTO Neil Bunn has a few theories.
“Lots of people don’t want to go through a big investigation,” he says. “And it’s hard to believe your local (police) will ever get to the bottom of it.” Since many ransom demands are relatively low, most victimized companies quickly pay up because they “feel they’ll spend more than that on recovery,” he says.
In reality, Bunn says they don’t incur higher costs unless they actually have to access that data after a disaster.
Will the new AI-based, nip-it-in-the-bud cybersecurity lessen (or wipe out) the need for these types of backup and recovery systems? It’s too early to tell. Bunn does say something during our interview that could prove cautionary for anyone placing all their cybersecurity bets solely on AI.
“It’s not about one product. I see those things and they drive me crazy,” he says, not referring to a specific security vendor or solution. “There’s not a silver bullet. But there’s lots of lead bullets.”
He may be right; James Bond used more than one weapon against the bad guys. Even if AI doesn’t turn out to be the silver bullet of cybersecurity, it’s a powerful addition to the arsenal. As WannaCry proved, we need all the firepower we can muster.