As the digital economy grows, it is essential to keep the safety and resilience of society in mind, and to protect its citizens and businesses. In recent years, companies and in particular enterprises and SMEs have embraced digital transformation and adopted ICT solutions to improve their operations. But the cyber landscape has evolved rapidly in the past few years. Current practices and solutions simply do not suffice to protect organisations from the persistence and sophistication of professional threat actors. Despite significant investment in cyber defence, most organisations are unable to keep pace with the ongoing evolution of threats and attack methods.
Meanwhile, the growing cyber landscape and changing IT architectures are driving the need for experienced security professionals. But the availability of these professionals is scarce. As it stands now, the widening gap between defenders and attackers will only continue to grow in the coming years. This trend can only be stopped through a fundamental game-changer. The Orchestrator proposal believes, that a combination of human expertise and technological advancements like Machine Learning (ML) and Artificial Intelligence (AI) hold the key. Specifically, that includes automating some security tasks that have traditionally been done by humans and designing better decision support and visualisation tools. These are the keys to improving the odds and protecting ourselves from the inevitable and continuous onslaught of threats.
Orchestrator aims to develop AI and ML supported network monitoring, management and cyber security platform. Thus, the main focus of the proposal will be monitoring and management of highly dynamic large-scale hybrid networks and also ensuring cyber security of such networks by employing AI and ML based solutions for acting at machine speed against emergent attacks. The Orchestrator platform will revolutionize the experience for security analysts by providing proactive, automated, remediated capabilities. By detecting anomalies and breaches quickly, and providing automated remediation. The Orchestrator platform will able to greatly enhance network security by protecting users, devices and organization’s reputation.
Orchestrator will not only address network monitoring and management in highly dynamic hyrid networks but it will also focus on cyber security issues in such networks. Orchestrator will monitor and manage your network but also it will have a “Security Brain” to ensure security of your network. This “Security Brain” will be take an action in two main ways:
1) Robotic Response based on rule-based actions
2) Cognitive Response based on AI and ML technologies
Security risk assessment and mitigation are two vital processes that need to be executed to maintain a productive IT infrastructure. To support detecting insider attackers, Orchestrator will also provide a solution that will conduct continuous analysis of individuals' usage of their organizational IT networks, and effectively visualizes the associated security exposures of the organization. This solution will incorporate a risk-focused dashboard that highlights anomalous user behaviors and the aggregated risk levels associated with individual users, user groups, and overall system security state.