Cobalt Iron granted patent for ML-driven cyber inspection

The US Patent 11765187, issued on 19th September 2023, introduces advanced capabilities for the Cobalt Iron Compass, an enterprise SaaS backup platform. The envisaged techniques will utilise machine learning analysis to identify the most suitable and effective cyber inspection tools for specific data or cyber threats. This innovation enables businesses to adapt proactively and automatically in their usage of cyber inspection tools for corporate data validation, enhancing the efficiency of cyber event detection and data validation processes.

Responding to evolving cyber threats

As cyber attacks grow in frequency and complexity, businesses are constantly refining their IT security. Despite these efforts, attackers continually evolve their strategies, necessitating more dynamic and insightful cyber resilience measures. Presently, the industry lacks comprehensive analytics for cyber protection, detection, and inspection operations.

Patent qualification

This invention stands out for its distinct features:

• Analysis of historical data regarding the use of various cyber inspection tools and their effectiveness in detecting different cyber threats.
• Implementation of machine learning techniques in cyber inspection processes.
• Automatic adjustments of cyber inspection operations based on indications of cyber attacks, including timing and policy-driven alterations using various tools and levels of inspection.
• Customisation of inspection approaches for different life cycle stages of data objects or varying types of cyber threats.

Machine learning technology advancements in cyber inspection

The patented techniques proposed by Cobalt Iron will refine how Compass applies multiple cyber inspection tools under varying conditions.

Specifically, these techniques include:

• Storing and analysing machine learning training data related to a variety of cyber attacks, including ransomware, and data protection operations.
• Establishing policies to determine the class of inspection tools and inspection level required for specific security conditions within defined security zones.
• Monitoring for different security conditions and events and dynamically adjusting inspection tools and levels based on machine learning analysis.
• Performing cyber attack forensics and historical analysis to proactively understand attack patterns and consequences, leading to more effective restriction of access control to targeted data objects.

Practical applications and business outcomes

For instance, Compass might use these techniques to restrict access control to data types or applications targeted by cyber attacks. Alternatively, it could dynamically adjust the inspection tool or level based on past cyber attack and inspection data to enhance the effectiveness of future cyber inspections.

Commentary from Cobalt Iron Rob Marett, Chief Technology Officer at Cobalt Iron, highlighted the need for such innovations: "Organisations are in dire need of more proactive assistance in protecting their data and other IT resources and in detecting suspicious cyber activities. These new techniques apply machine learning analysis to figure out in advance which cyber inspection tools will be best for different scenarios. This allows businesses to continually optimise cyber inspection operations, thus improving their ability to detect cyber events and validate data."