When we think of artificial intelligence (AI), we think of robots — machines that mimic human behavior or thought. This is partly the influence of comics, novels, movies and other pop culture tidbits, but the boundaries of AI have progressed far beyond this basic personification.

Originally defined by Alan Turing, AI initially referred to any machine that could approximate human responses under certain conditions. However, AI is now a multifaceted subject. From a technology perspective, recent advancements in machine learning, deep learning and cognitive computing have spurred significant interest in the potential of AI. Using these technologies, we have built robots that can learn to walk on their own, software that can synthesize music and solutions that can diagnose cancer.

Watch the on-demand Webinar: 5 Building Blocks for a SOC That Rocks

Core Elements of Artificial Intelligence

At its most basic level, machine learning, a subset of AI, consists of using algorithms to parse through data, learn from it and make predictions about new input data based on information gleaned from the initial training data. It gives computers the ability to learn on their own without being programmed.

Deep learning, a subset of machine learning, is modeled on artificial neural networks inspired by the way the human brain works with interconnections between neurons. But unlike the human brain, artificial neural networks have discrete layers, connections and direction of data propagation.

While deep learning has been around for a while, it has only recently gained traction among researchers and in practical applications. This is largely due to advancements in processing power and cloud computing, which enables researchers to build large neural networks that can learn from enormous data sets.

Augmented Intelligence: Cognitive Systems and IBM Watson

Cognitive systems are another subset of artificial intelligence that simulate the human thought process using an automated model. These self-learning systems are built using machine learning foundations that perform data mining, pattern recognition and natural language processing (NLP).

Cognitive systems such as IBM Watson add another layer of reasoning and inferencing capabilities. Watson was designed to work in tandem with practitioners to augment their work with more accurate insights derived from domain data.

IBM Watson is a cognitive system that understands, reasons and learns just like a human would. Watson ingests and understands unstructured data sources, interprets natural language, extracts ideas and makes inferences. It then attempts to gather evidence to defend or refute its inferences. With each data point and interaction, Watson learns and develops expertise on the subject. The logic Watson employs is transparent so that it can be reviewed and understood by domain experts.

The Need for AI in Cybersecurity

According to the “2015 ISC2 Global Information Security Workforce Study,” the number of unfilled security positions is expected to reach about 1.5 million by 2020. Given this global skills shortage, organizations are struggling to keep up with the growing threat landscape inundating organizations with unrelenting cyberattacks. The skills shortage, coupled with the need for consistency, speed and accuracy when investigating incidents, leaves critical security gaps.

Traditionally, when security analysts investigate an incident, they need to perform several manual cognitive tasks. They need to gather local context around the incident by reviewing data and outlying events before expanding the search to gather more data around the incident. They then need to conduct threat research and develop expertise by pivoting on multiple data sources such as threat feeds, blogs and research articles. Finally, analysts must apply the intelligence they gathered to qualify the incident and identify the root cause.

With the advancement of artificial intelligence and cognitive systems such as IBM Watson, we can now augment the security analyst’s ability to fill gaps in intelligence, speed and accuracy to confidently identify and stop cyberattacks.

Learning the Language of Security

While AI and cognitive technologies are great at solving real-world problems, they need to be more consumable and actionable without the hassle of setting up the various models and training the system. Watson for Cyber Security has been trained by hundreds of security professionals at IBM to understand the language of security and investigate security incidents, all to quickly and accurately identify threats. Watson for Cyber Security is constantly increasing its already massive knowledge base by consuming over 15,000 documents per day. To date, it has ingested over 2 million documents to provide complete context around security incidents.

This is just the beginning of what’s possible with Watson for Cyber Security. Join us in our cognitive security journey as we unlock the full potential of Watson to defend against cyberthreats.

Watch the on-demand Webinar: 5 Building Blocks for a SOC That Rocks