When we think of artificial intelligence (AI), we think of robots — machines that mimic human behavior or thought. This is partly the influence of comics, novels, movies and other pop culture tidbits, but the boundaries of AI have progressed far beyond this basic personification.

Originally defined by Alan Turing, AI initially referred to any machine that could approximate human responses under certain conditions. However, AI is now a multifaceted subject. From a technology perspective, recent advancements in machine learning, deep learning and cognitive computing have spurred significant interest in the potential of AI. Using these technologies, we have built robots that can learn to walk on their own, software that can synthesize music and solutions that can diagnose cancer.

Watch the on-demand Webinar: 5 Building Blocks for a SOC That Rocks

Core Elements of Artificial Intelligence

At its most basic level, machine learning, a subset of AI, consists of using algorithms to parse through data, learn from it and make predictions about new input data based on information gleaned from the initial training data. It gives computers the ability to learn on their own without being programmed.

Deep learning, a subset of machine learning, is modeled on artificial neural networks inspired by the way the human brain works with interconnections between neurons. But unlike the human brain, artificial neural networks have discrete layers, connections and direction of data propagation.

While deep learning has been around for a while, it has only recently gained traction among researchers and in practical applications. This is largely due to advancements in processing power and cloud computing, which enables researchers to build large neural networks that can learn from enormous data sets.

Augmented Intelligence: Cognitive Systems and IBM Watson

Cognitive systems are another subset of artificial intelligence that simulate the human thought process using an automated model. These self-learning systems are built using machine learning foundations that perform data mining, pattern recognition and natural language processing (NLP).

Cognitive systems such as IBM Watson add another layer of reasoning and inferencing capabilities. Watson was designed to work in tandem with practitioners to augment their work with more accurate insights derived from domain data.

IBM Watson is a cognitive system that understands, reasons and learns just like a human would. Watson ingests and understands unstructured data sources, interprets natural language, extracts ideas and makes inferences. It then attempts to gather evidence to defend or refute its inferences. With each data point and interaction, Watson learns and develops expertise on the subject. The logic Watson employs is transparent so that it can be reviewed and understood by domain experts.

The Need for AI in Cybersecurity

According to the “2015 ISC2 Global Information Security Workforce Study,” the number of unfilled security positions is expected to reach about 1.5 million by 2020. Given this global skills shortage, organizations are struggling to keep up with the growing threat landscape inundating organizations with unrelenting cyberattacks. The skills shortage, coupled with the need for consistency, speed and accuracy when investigating incidents, leaves critical security gaps.

Traditionally, when security analysts investigate an incident, they need to perform several manual cognitive tasks. They need to gather local context around the incident by reviewing data and outlying events before expanding the search to gather more data around the incident. They then need to conduct threat research and develop expertise by pivoting on multiple data sources such as threat feeds, blogs and research articles. Finally, analysts must apply the intelligence they gathered to qualify the incident and identify the root cause.

With the advancement of artificial intelligence and cognitive systems such as IBM Watson, we can now augment the security analyst’s ability to fill gaps in intelligence, speed and accuracy to confidently identify and stop cyberattacks.

Learning the Language of Security

While AI and cognitive technologies are great at solving real-world problems, they need to be more consumable and actionable without the hassle of setting up the various models and training the system. Watson for Cyber Security has been trained by hundreds of security professionals at IBM to understand the language of security and investigate security incidents, all to quickly and accurately identify threats. Watson for Cyber Security is constantly increasing its already massive knowledge base by consuming over 15,000 documents per day. To date, it has ingested over 2 million documents to provide complete context around security incidents.

This is just the beginning of what’s possible with Watson for Cyber Security. Join us in our cognitive security journey as we unlock the full potential of Watson to defend against cyberthreats.

Watch the on-demand Webinar: 5 Building Blocks for a SOC That Rocks

More from Artificial Intelligence

X-Force releases detection & response framework for managed file transfer software

5 min read - How AI can help defenders scale detection guidance for enterprise software tools If we look back at mass exploitation events that shook the security industry like Log4j, Atlassian, and Microsoft Exchange when these solutions were actively being exploited by attackers, the exploits may have been associated with a different CVE, but the detection and response guidance being released by the various security vendors had many similarities (e.g., Log4shell vs. Log4j2 vs. MOVEit vs. Spring4Shell vs. Microsoft Exchange vs. ProxyShell vs.…

Unmasking hypnotized AI: The hidden risks of large language models

11 min read - The emergence of Large Language Models (LLMs) is redefining how cybersecurity teams and cybercriminals operate. As security teams leverage the capabilities of generative AI to bring more simplicity and speed into their operations, it's important we recognize that cybercriminals are seeking the same benefits. LLMs are a new type of attack surface poised to make certain types of attacks easier, more cost-effective, and even more persistent. In a bid to explore security risks posed by these innovations, we attempted to…

Artificial intelligence threats in identity management

4 min read - The 2023 Identity Security Threat Landscape Report from CyberArk identified some valuable insights. 2,300 security professionals surveyed responded with some sobering figures: 68% are concerned about insider threats from employee layoffs and churn 99% expect some type of identity compromise driven by financial cutbacks, geopolitical factors, cloud applications and hybrid work environments 74% are concerned about confidential data loss through employees, ex-employees and third-party vendors. Additionally, many feel digital identity proliferation is on the rise and the attack surface is…

AI reduces data breach lifecycles and costs

3 min read - The cybersecurity tools you implement can make a difference in the financial future of your business. According to the 2023 IBM Cost of a Data Breach report, organizations using security AI and automation incurred fewer data breach costs compared to businesses not using AI-based cybersecurity tools. The report found that the more an organization uses the tools, the greater the benefits reaped. Organizations that extensively used AI and security automation saw an average cost of a data breach of $3.60…