2017 was a challenging year for cybersecurity. In May, the WannaCry ransomware attack affected more than 400,000 machines in more than 100 countries, impacting big businesses like the NHS, Telefonica and FedEx.

But WannaCry was just the tip of the iceberg. Shadow Brokers, Petya and Wikileaks have all surfaced, locking data from thousands of businesses and putting them out of pocket.

So, how can we begin to strengthen our current state of threat protection? Machine learning, that’s how.

Before we begin: what is machine learning?

Machine learning works by overlaying separate sets of company data for an AI to monitor. Each dataset is measured against the other, using pattern recognition to detect anomalous activity which is then flagged.

By 2021, machine learning in cybersecurity is predicted to boost spending in big data, intelligence and analytics, reaching highs of £71.9 billion. Intelligent threat protection has never been more essential, especially considering the average cost of a data breach is £2.6 million per incident, a price many SMEs just can’t afford to pay. As a result, AI-enabled technologies are becoming more popular.

But how is machine learning impacting threat protection?

Cybersecurity experts have long used data analytics to make sense of security alerts and warnings. But as devices multiply and files lengthen beyond human endurance, machine learning tools can step in to monitor more data and detect anomalies at a faster pace, flagging threats at an earlier stage, all without human intervention.

Microsoft’s Advanced Threat Analytics is a leading example of this new wave that is helping firms become more proactive in their approach to cyber protection by offering a real-time view of an attack timeline.

Machine learning and advanced threat protection

New operating systems like Windows 10 are pushing the boundaries on agentless threat protection. For instance, its integrated applications like Windows Defender Advanced Threat Protection (ATP) can harness machine learning to seamlessly monitor data, detect threats and then contain those threats. This is done with minimal input from employees and without the need for software deployment.

However, for many businesses, one integration isn’t always good enough. Large companies often use multiple data centres across the globe, which store huge quantities of sensitive information, including employee records and client transactions. Consequently, more efficient, proactive and focused security measures are required, and a more targeted approach is vital to threat protection.

Narrowing the scope for maximum security

Machine learning brings security up-to-speed with technological change, and it’s giving many businesses their security and peace of mind back.

For maximum strength, however, the deployment of a more targeted product is essential. For example, Office 365 Advanced Threat Protection, which works similarly to ATP, focuses only on scanning and detecting suspect activity within emails.

With 269 billion emails sent every day, the likelihood of a data breach via email is extremely high. As a result, 365 Advanced Threat Protection’s ability to narrow the focus is critical to keeping your business’s internal processes secure.

Threat protection and the cloud

Cloud adoption has reached new heights. According to RightScale’s 2015 State of the Cloud Report, 88% of businesses are using public cloud technology and 63% are using private cloud solutions.

Unfortunately, deployment to the cloud doesn’t automatically put your data in safe hands. It requires maintenance to ensure your data remains secure.

Attending a Microsoft partner-led cloud workshop will get you up-to-speed on the latest techniques for keeping data secure. In these workshops, you can learn from industry experts and understand how to tailor your security to your business, ultimately keeping one step ahead of the threat.