Light Dark
March 15, 2017 By Rick M Robinson 2 min read
Artificial Intelligence

Artificial intelligence (AI) and its role in security was a hot topic at last month’s RSA Conference in San Francisco. But some cold water was also being thrown on the growing tendency of vendors to use AI, especially machine learning, as marketing hype.

AI indeed “moves the needle,” Zulfikar Ramzan, the RSA chief technology officer (CTO), said at the conference. But, he added, “the real open question to me is how much has that needle actually moved in practice?”

To cut through the marketing hype, it is necessary to understand the real capabilities and limitations of artificial intelligence in security.

Distinguishing Substance From Hype

Some of what is being hyped as artificial intelligence breakthroughs is actually well-established technology. For example, Ramzan noted that the use of machine learning to recognize and identify hostile traffic is the basis of familiar tools such as spam filters.

Machine learning technology continues to improve. It is particularly useful in roles such as spotting attacks that do not involve malware, where the overall pattern identifies the attack as a threat. But the hype threatens to produce what Ramzan called a “lemons market” in which security customers cannot readily tell which vendors are offering real value.

Artificial Intelligence and the Security Data Challenge

Other security observers point to the sheer volume of traffic data as a key area where artificial intelligence can make an effective contribution.

“Right now, it’s an issue of volume. There’s just not enough people to do the work,” Mike Buratowski, senior vice president of Fidelis Cybersecurity, said at RSA. In this situation, he continued, AI technology “can crunch so much data and present it to somebody.”

In this application, AI works hand in hand, so to speak, with the human intelligence of security analysts. A high-level AI such as Watson can monitor enormous amounts of raw traffic data and look for patterns that it can then pass on to human analysts for closer examination and evaluation. In turn, interaction with its human colleagues allows the AI to refine its search algorithms.

The Future of Cognitive Security

Other innovative approaches to artificial intelligence in security include scanning messaging and other patterns on web forums and related sites associated with black market activities. As in network traffic analysis, the role of AI in tracking the Dark Web is to examine very large volumes of unstructured data — big data in the truest sense — for patterns that can then be further scrutinized by human expertise.

Given the rate at which big data is getting even bigger, the demand for this type of AI augmentation of threat intelligence is sure to grow. This will only expand the possibilities of AI and cognitive computing in the security space.

Listen to the podcast: The Cognitive Transformation is for Everyone

 |  |  |  |  | 
Rick M Robinson

More from Artificial Intelligence
December 18, 2024

Cloud Threat Landscape Report: AI-generated attacks low for the cloud

2 min read - For the last couple of years, a lot of attention has been placed on the evolutionary state of artificial intelligence (AI) technology and its impact on cybersecurity. In many industries, the risks associated with AI-generated attacks are still present and concerning, especially with the global average of data breach costs increasing by 10% from last year.However, according to the most recent Cloud Threat Landscape Report released by IBM’s X-Force team, the near-term threat of an AI-generated attack targeting cloud computing…

December 17, 2024

Testing the limits of generative AI: How red teaming exposes vulnerabilities in AI models

4 min read - With generative artificial intelligence (gen AI) on the frontlines of information security, red teams play an essential role in identifying vulnerabilities that others can overlook.With the average cost of a data breach reaching an all-time high of $4.88 million in 2024, businesses need to know exactly where their vulnerabilities lie. Given the remarkable pace at which they’re adopting gen AI, there’s a good chance that some of those vulnerabilities lie in AI models themselves — or the data used to…

December 12, 2024

Security roundup: Top AI stories in 2024

3 min read - 2024 has been a banner year for artificial intelligence (AI). As enterprises ramp up adoption, however, malicious actors have been exploring new ways to compromise systems with intelligent attacks.With the AI landscape rapidly evolving, it's worth looking back before moving forward. Here are our top five AI security stories for 2024.Can you hear me now? Hackers hijack audio with AIAttackers can fake entire conversations using large language models (LLMs), voice cloning and speech-to-text software. This method is relatively easy to…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature