Light Dark
March 15, 2017 By Rick M Robinson 2 min read
Artificial Intelligence

Artificial intelligence (AI) and its role in security was a hot topic at last month’s RSA Conference in San Francisco. But some cold water was also being thrown on the growing tendency of vendors to use AI, especially machine learning, as marketing hype.

AI indeed “moves the needle,” Zulfikar Ramzan, the RSA chief technology officer (CTO), said at the conference. But, he added, “the real open question to me is how much has that needle actually moved in practice?”

To cut through the marketing hype, it is necessary to understand the real capabilities and limitations of artificial intelligence in security.

Distinguishing Substance From Hype

Some of what is being hyped as artificial intelligence breakthroughs is actually well-established technology. For example, Ramzan noted that the use of machine learning to recognize and identify hostile traffic is the basis of familiar tools such as spam filters.

Machine learning technology continues to improve. It is particularly useful in roles such as spotting attacks that do not involve malware, where the overall pattern identifies the attack as a threat. But the hype threatens to produce what Ramzan called a “lemons market” in which security customers cannot readily tell which vendors are offering real value.

Artificial Intelligence and the Security Data Challenge

Other security observers point to the sheer volume of traffic data as a key area where artificial intelligence can make an effective contribution.

“Right now, it’s an issue of volume. There’s just not enough people to do the work,” Mike Buratowski, senior vice president of Fidelis Cybersecurity, said at RSA. In this situation, he continued, AI technology “can crunch so much data and present it to somebody.”

In this application, AI works hand in hand, so to speak, with the human intelligence of security analysts. A high-level AI such as Watson can monitor enormous amounts of raw traffic data and look for patterns that it can then pass on to human analysts for closer examination and evaluation. In turn, interaction with its human colleagues allows the AI to refine its search algorithms.

The Future of Cognitive Security

Other innovative approaches to artificial intelligence in security include scanning messaging and other patterns on web forums and related sites associated with black market activities. As in network traffic analysis, the role of AI in tracking the Dark Web is to examine very large volumes of unstructured data — big data in the truest sense — for patterns that can then be further scrutinized by human expertise.

Given the rate at which big data is getting even bigger, the demand for this type of AI augmentation of threat intelligence is sure to grow. This will only expand the possibilities of AI and cognitive computing in the security space.

Listen to the podcast: The Cognitive Transformation is for Everyone

 |  |  |  |  | 
Rick M Robinson

More from Artificial Intelligence
November 14, 2024

Autonomous security for cloud in AWS: Harnessing the power of AI for a secure future

3 min read - As the digital world evolves, businesses increasingly rely on cloud solutions to store data, run operations and manage applications. However, with this growth comes the challenge of ensuring that cloud environments remain secure and compliant with ever-changing regulations. This is where the idea of autonomous security for cloud (ASC) comes into play.Security and compliance aren't just technical buzzwords; they are crucial for businesses of all sizes. With data breaches and cyber threats on the rise, having systems that ensure your…

October 30, 2024

Cybersecurity Awareness Month: 5 new AI skills cyber pros need

4 min read - The rapid integration of artificial intelligence (AI) across industries, including cybersecurity, has sparked a sense of urgency among professionals. As organizations increasingly adopt AI tools to bolster security defenses, cyber professionals now face a pivotal question: What new skills do I need to stay relevant?October is Cybersecurity Awareness Month, which makes it the perfect time to address this pressing issue. With AI transforming threat detection, prevention and response, what better moment to explore the essential skills professionals might require?Whether you're…

October 24, 2024

3 proven use cases for AI in preventative cybersecurity

3 min read - IBM’s Cost of a Data Breach Report 2024 highlights a ground-breaking finding: The application of AI-powered automation in prevention has saved organizations an average of $2.2 million.Enterprises have been using AI for years in detection, investigation and response. However, as attack surfaces expand, security leaders must adopt a more proactive stance.Here are three ways how AI is helping to make that possible:1. Attack surface management: Proactive defense with AIIncreased complexity and interconnectedness are a growing headache for security teams, and…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature