When we think of artificial intelligence (AI), we think of robots — machines that mimic human behavior or thought. This is partly the influence of comics, novels, movies and other pop culture tidbits, but the boundaries of AI have progressed far beyond this basic personification.

Originally defined by Alan Turing, AI initially referred to any machine that could approximate human responses under certain conditions. However, AI is now a multifaceted subject. From a technology perspective, recent advancements in machine learning, deep learning and cognitive computing have spurred significant interest in the potential of AI. Using these technologies, we have built robots that can learn to walk on their own, software that can synthesize music and solutions that can diagnose cancer.

Watch the on-demand Webinar: 5 Building Blocks for a SOC That Rocks

Core Elements of Artificial Intelligence

At its most basic level, machine learning, a subset of AI, consists of using algorithms to parse through data, learn from it and make predictions about new input data based on information gleaned from the initial training data. It gives computers the ability to learn on their own without being programmed.

Deep learning, a subset of machine learning, is modeled on artificial neural networks inspired by the way the human brain works with interconnections between neurons. But unlike the human brain, artificial neural networks have discrete layers, connections and direction of data propagation.

While deep learning has been around for a while, it has only recently gained traction among researchers and in practical applications. This is largely due to advancements in processing power and cloud computing, which enables researchers to build large neural networks that can learn from enormous data sets.

Augmented Intelligence: Cognitive Systems and IBM Watson

Cognitive systems are another subset of artificial intelligence that simulate the human thought process using an automated model. These self-learning systems are built using machine learning foundations that perform data mining, pattern recognition and natural language processing (NLP).

Cognitive systems such as IBM Watson add another layer of reasoning and inferencing capabilities. Watson was designed to work in tandem with practitioners to augment their work with more accurate insights derived from domain data.

IBM Watson is a cognitive system that understands, reasons and learns just like a human would. Watson ingests and understands unstructured data sources, interprets natural language, extracts ideas and makes inferences. It then attempts to gather evidence to defend or refute its inferences. With each data point and interaction, Watson learns and develops expertise on the subject. The logic Watson employs is transparent so that it can be reviewed and understood by domain experts.

The Need for AI in Cybersecurity

According to the “2015 ISC2 Global Information Security Workforce Study,” the number of unfilled security positions is expected to reach about 1.5 million by 2020. Given this global skills shortage, organizations are struggling to keep up with the growing threat landscape inundating organizations with unrelenting cyberattacks. The skills shortage, coupled with the need for consistency, speed and accuracy when investigating incidents, leaves critical security gaps.

Traditionally, when security analysts investigate an incident, they need to perform several manual cognitive tasks. They need to gather local context around the incident by reviewing data and outlying events before expanding the search to gather more data around the incident. They then need to conduct threat research and develop expertise by pivoting on multiple data sources such as threat feeds, blogs and research articles. Finally, analysts must apply the intelligence they gathered to qualify the incident and identify the root cause.

With the advancement of artificial intelligence and cognitive systems such as IBM Watson, we can now augment the security analyst’s ability to fill gaps in intelligence, speed and accuracy to confidently identify and stop cyberattacks.

Learning the Language of Security

While AI and cognitive technologies are great at solving real-world problems, they need to be more consumable and actionable without the hassle of setting up the various models and training the system. Watson for Cyber Security has been trained by hundreds of security professionals at IBM to understand the language of security and investigate security incidents, all to quickly and accurately identify threats. Watson for Cyber Security is constantly increasing its already massive knowledge base by consuming over 15,000 documents per day. To date, it has ingested over 2 million documents to provide complete context around security incidents.

This is just the beginning of what’s possible with Watson for Cyber Security. Join us in our cognitive security journey as we unlock the full potential of Watson to defend against cyberthreats.

Watch the on-demand Webinar: 5 Building Blocks for a SOC That Rocks

More from Intelligence & Analytics

BlackCat (ALPHV) Ransomware Levels Up for Stealth, Speed and Exfiltration

9 min read - This blog was made possible through contributions from Kat Metrick, Kevin Henson, Agnes Ramos-Beauchamp, Thanassis Diogos, Diego Matos Martins and Joseph Spero. BlackCat ransomware, which was among the top ransomware families observed by IBM Security X-Force in 2022, according to the 2023 X-Force Threat Intelligence Index, continues to wreak havoc across organizations globally this year. BlackCat (a.k.a. ALPHV) ransomware affiliates' more recent attacks include targeting organizations in the healthcare, government, education, manufacturing and hospitality sectors. Reportedly, several of these incidents resulted…

9 min read

Despite Tech Layoffs, Cybersecurity Positions are Hiring

4 min read - It’s easy to read today’s headlines and think that now isn’t the best time to look for a job in the tech industry. However, that’s not necessarily true. When you read deeper into the stories and numbers, cybersecurity positions are still very much in demand. Cybersecurity professionals are landing jobs every day, and IT professionals from other roles may be able to transfer their skills into cybersecurity relatively easily. As cybersecurity continues to remain a top business priority, organizations will…

4 min read

79% of Cyber Pros Make Decisions Without Threat Intelligence

4 min read - In a recent report, 79% of security pros say they make decisions without adversary insights “at least the majority of the time.” Why aren’t companies effectively leveraging threat intelligence? And does the C-Suite know this is going on? It’s not unusual for attackers to stay concealed within an organization’s computer systems for extended periods of time. And if their methods and behavioral patterns are unfamiliar, they can cause significant harm before the security team even realizes a breach has occurred.…

4 min read

Why People Skills Matter as Much as Industry Experience

4 min read - As the project manager at a large tech company, I always went to Jim when I needed help. While others on my team had more technical expertise, Jim was easy to work with. He explained technical concepts in a way anyone could understand and patiently answered my seemingly endless questions. We spent many hours collaborating and brainstorming ideas about product features as well as new processes for the team. But Jim was especially valuable when I needed help with other…

4 min read