Machine learning has moved enterprise security forward, allowing for visibility inside the network in order to better understand user behavior. However, malicious actors are using what is done with machine learning on the inside in order to attack the perimeter. Specifically, these types of attacks include DNS tunneling, attaching to Tor networks, and sending rogue authentication requests to directory services. Tom Gorup, security operations leader for Rook Security, said that in addition to these threats, "In general what we are seeing across the board is phishing, from wire fraud to distribution of malware. Generally we're seeing scans they're attempting to exploit."

Machine learning has moved enterprise security forward, allowing for visibility inside the network in order to better understand user behavior. However, malicious actors are using what is done with machine learning on the inside in order to attack the perimeter. Specifically, these types of attacks include DNS tunneling, attaching to Tor networks, and sending rogue authentication requests to directory services. Tom Gorup, security operations leader for Rook Security, said that in addition to these threats, "In general what we are seeing across the board is phishing, from wire fraud to distribution of malware. Generally we're seeing scans they're attempting to exploit."

File-encrypting ransomware programs have become one of the biggest threats to corporate networks worldwide and are constantly evolving by adding increasingly sophisticated detection-evasion and propagation techniques. In a world where any self-respecting malware author makes sure that his creations bypass antivirus detection before releasing them, enterprise security teams are forced to focus on improving their response times to infections rather than trying to prevent them all, which is likely to be a losing game. Exabeam, a provider of user and entity behavior analytics, believes that machine-learning algorithms can significantly improve ransomware detection and reaction time, preventing such programs from spreading inside the network and affecting a larger number of systems. Because the decryption price asked by ransomware authors is calculated per system, isolating affected computers as soon as possible is critical. Only last week the University of Calgary announced that it paid 20,000 Canadian dollars (around US 15,600) to ransomware authors to get the decryption keys for multiple systems.

In a world where any self-respecting malware author makes sure that his creations bypass antivirus detection before releasing them, enterprise security teams are forced to focus on improving their response times to infections rather than trying to prevent them all, which is likely to be a losing game. Exabeam, a provider of user and entity behavior analytics, believes that machine-learning algorithms can significantly improve ransomware detection and reaction time, preventing such programs from spreading inside the network and affecting a larger number of systems. Because the decryption price asked by ransomware authors is calculated per system, isolating affected computers as soon as possible is critical. Only last week the University of Calgary announced that it paid 20,000 Canadian dollars (around US 15,600) to ransomware authors to get the decryption keys for multiple systems. Exabeam's Analytics for Ransomware, a new product that was announced today, uses the company's existing behavior analytics technology to detect ransomware infections shortly after they occur.

File-encrypting ransomware programs have become one of the biggest threats to corporate networks worldwide and are constantly evolving by adding increasingly sophisticated detection-evasion and propagation techniques. In a world where any self-respecting malware author makes sure that his creations bypass antivirus detection before releasing them, enterprise security teams are forced to focus on improving their response times to infections rather than trying to prevent them all, which is likely to be a losing game. Exabeam, a provider of user and entity behavior analytics, believes that machine-learning algorithms can significantly improve ransomware detection and reaction time, preventing such programs from spreading inside the network and affecting a larger number of systems. Because the decryption price asked by ransomware authors is calculated per system, isolating affected computers as soon as possible is critical. Only last week the University of Calgary announced that it paid 20,000 Canadian dollars (around US 15,600) to ransomware authors to get the decryption keys for multiple systems.

File-encrypting ransomware programs have become one of the biggest threats to corporate networks worldwide and are constantly evolving by adding increasingly sophisticated detection-evasion and propagation techniques. In a world where any self-respecting malware author makes sure that his creations bypass antivirus detection before releasing them, enterprise security teams are forced to focus on improving their response times to infections rather than trying to prevent them all, which is likely to be a losing game. Exabeam, a provider of user and entity behavior analytics, believes that machine-learning algorithms can significantly improve ransomware detection and reaction time, preventing such programs from spreading inside the network and affecting a larger number of systems. Because the decryption price asked by ransomware authors is calculated per system, isolating affected computers as soon as possible is critical. Only last week the University of Calgary announced that it paid 20,000 Canadian dollars (around US 15,600) to ransomware authors to get the decryption keys for multiple systems.