Often touted as a potential superweapon destined to turn the tide of war, what exactly is the role of AI in cyber security?
Leveraging Artificial Intelligence -AI in cyber security can enable organizations a fast and efficient response to a cyberattack. While walking around the larger industry shows, it doesn’t take long to realize that artificial intelligence and machine-learning are the current buzz of the cyber-security industry.
In an effort to define what ‘artificial intelligence’ actually is, Luger & Stubblefield described in their 2004 book on artificial intelligence, that an ideal “intelligent” machine is a flexible rational agent that perceives its environment and takes actions that maximize its chance of success at some goal based on a complex set of calculations.
Organizations quite often spend millions of dollars on deploying various technologies on cybersecurity to defend against data breaches. Despite that, devastating hacking continues to occur. Does it mean that the technology is not advanced enough to outwit hackers? The race between security professionals and hackers seems to be a never-ending game, and hackers are seemingly always ahead in this race.
Next Generation Artificial Intelligence (AI) seems to be a breakthrough technology to provide capability and hope to react instantly in real time in the event of an underway cyber-attack or data breach. Next Gen AI can provide huge advantages over a human’s capability when it comes to combating an attack by recognizing and detecting an in-progress attack due to a change in the network and user behavior using advance machine learning technology. Humans will take time to understand and observe changes in the behavior. By the time a person understands something, it is too late, resulting a substantial damage to the organization.
Next Gen AI in cyber security could make it possible for humans and technology to work together. Next-gen AI solutions can be developed in such a way that they understand the user and network behavior, learn business context by self-learning for a few days to months, and then connect dots instantly if a deviation occurs in the normal behavior in the real-time.
Research from security company Hexadite, a security automation company, claimed that 37% of cyber-security professionals face 10,000 alerts per month” with 52% of alerts turning out to be false positive… As notifications from UBA, SIEM and threat intelligence systems continue to grow, the role of AI in cyber security is positioned to be the solution to the fatigue experienced by SOC teams who have to try and figure out what to do with each threat, and whether or not they should investigate it further.
Today, security analysts spend a lot of time in analyzing flooding false alerts and notifications from security monitoring tools, and sometimes actual attacks in-progress either go unnoticed or get noticed too late that it would have already cause damage. Harnessing the power of Next Gen AI to tackle today’s sophisticated cyber-attack in a manner that promises to be fast and more effective than traditional approaches will definitely help reduce the data breaches and could be a turning point in cybersecurity world.
At MIT a group is working to create a cyber defense solution by looking into data to detect suspicious activity, and connect dots into meaningful patterns. IBM Security announced its cognitive technology Watson for Cybersecurity, which promises to help monitor and detect security threats. IBM will be partnering with universities to help speed up learning cryptic terminology of the cybersecurity world by flooding security reports and data into it.
Others who believe less in AI in cyber security say – In cyber-security you’re often up against criminals who already know very well how machines and machine-learning works and how to circumvent their capabilities. So the more realistic approach is AI will be the extra pairs of hands it affords SOC teams in sifting through the millions of notifications, beeps and flashing lights SOC teams have to deal with.