When we think of artificial intelligence (AI), we think of robots — machines that mimic human behavior or thought. This is partly the influence of comics, novels, movies and other pop culture tidbits, but the boundaries of AI have progressed far beyond this basic personification.

Originally defined by Alan Turing, AI initially referred to any machine that could approximate human responses under certain conditions. However, AI is now a multifaceted subject. From a technology perspective, recent advancements in machine learning, deep learning and cognitive computing have spurred significant interest in the potential of AI. Using these technologies, we have built robots that can learn to walk on their own, software that can synthesize music and solutions that can diagnose cancer.

Core Elements of Artificial Intelligence

At its most basic level, machine learning, a subset of AI, consists of using algorithms to parse data, learn from it and make predictions about new input data based on information gleaned from the initial training data. It gives computers the ability to learn on their own without being explicitly programmed.

Deep learning, a subset of machine learning, is modeled on artificial neural networks inspired by the way the human brain works with interconnections between neurons. But unlike the human brain, artificial neural networks have discrete layers, connections and direction of data propagation.

While deep learning has been around for a while, it has only recently gained traction among researchers and in practical applications. This is largely due to advancements in processing power and cloud computing, which enable researchers to build large neural networks that can learn from enormous data sets.

Augmented Intelligence: Cognitive Systems and IBM Watson

Cognitive systems are another subset of artificial intelligence that simulate the human thought process using an automated model. These self-learning systems are built using machine learning foundations that perform data mining, pattern recognition and natural language processing (NLP).

Cognitive systems such as IBM Watson add another layer of reasoning and inferencing capabilities. Watson was designed to work in tandem with practitioners to augment their work with more accurate insights derived from domain data.

IBM Watson is a cognitive system that understands, reasons and learns just like a human would. Watson ingests and understands unstructured data sources, interprets natural language, extracts ideas and makes inferences. It then attempts to gather evidence to defend or refute its inferences. With each data point and interaction, Watson learns and develops expertise on the subject. The logic Watson employs is transparent so that it can be reviewed and understood by domain experts.

The Need for AI in Cybersecurity

According to the “2015 ISC2 Global Information Security Workforce Study,” the number of unfilled security positions is expected to reach about 1.5 million by 2020. Given this global skills shortage, organizations are struggling to keep up with a growing threat landscape that inundates them with unrelenting cyberattacks. The skills shortage, coupled with the need for consistency, speed and accuracy when investigating incidents, leaves critical security gaps.

Traditionally, when security analysts investigate an incident, they need to perform several manual cognitive tasks. They need to gather local context around the incident by reviewing data and outlying events before expanding the search to gather more data around the incident. They then need to conduct threat research and develop expertise by pivoting on multiple data sources such as threat feeds, blogs and research articles. Finally, analysts must apply the intelligence they gathered to qualify the incident and identify the root cause.

With the advancement of artificial intelligence and cognitive systems such as IBM Watson, we can now augment the security analyst’s ability to fill gaps in intelligence, speed and accuracy to confidently identify and stop cyberattacks.

Learning the Language of Security

While AI and cognitive technologies are great at solving real-world problems, they need to be more consumable and actionable without the hassle of setting up the various models and training the system. Watson for Cyber Security has been trained by hundreds of security professionals at IBM to understand the language of security and investigate security incidents, all to quickly and accurately identify threats. Watson for Cyber Security is constantly increasing its already massive knowledge base by consuming over 15,000 documents per day. To date, it has ingested over 2 million documents to provide complete context around security incidents.

This is just the beginning of what’s possible with Watson for Cyber Security. Join us in our cognitive security journey as we unlock the full potential of Watson to defend against cyberthreats.
