Instead of operating based on signatures or heuristics, solutions should be predictive and preventive, and should detect and mitigate threats before execution. Machine learning AI endpoint security solutions should preempt and mitigate known and unknown malicious files and code based on characteristics. Solutions should be able to scale to protect vital systems.

Artificial intelligence can give organizations a much-needed edge over their sophisticated and evasive adversaries, according to "Signature-Based Malware Protection Is Dead," a whitepaper by James Scott that was recently published by the Institute for Critical Infrastructure Technology (ICIT). It is no longer enough to detect and respond to adversaries, wrote Scott, an ICIT Senior Fellow, and most organizations remain ignorant of the fact that their networks are "actively pulsating with threat actors who set up beachheads for future attack and exfiltrate treasure trove's of valuable data." Furthermore, today's technologies are antiquated and no match for cyber-adversaries, he added. No longer can layers of interconnected, vendor-supplied security solutions "Frankensteined together" protect users, networks, data centers and cloud resources, Scott reported. Instead of relying on solutions that operate based on signatures and heuristics, he is calling for critical infrastructure organizations to adopt sophisticated, machine learning-based artificial intelligence that depends on complex algorithms to detect, prevent, and mitigate malicious files and code based on their characteristics before they are executed.