June 22, 2016 By Larry Loeb 3 min read

The technologies behind cognitive systems have matured greatly in recent years, which has expanded the number and types of applications for the technology. One such initiative involves applying cognitive computing to cybersecurity.

Cognitive computing has five core capabilities. Looking at the ways these can be applied to the security arena may illuminate some interesting possibilities for IT professionals.

The Core Capabilities of Cognitive Systems

Cognitive technology creates a deeper human engagement. Cognitive security systems analyze all available structured and unstructured data to find what really matters — to a person or group. By being able to better understand an individual, users can gain insight into an attacker’s motives as well as the defender’s needs.

The pattern of how a system is used, based on actual operational patterns rather than just specifications, can point to areas that may be part of the attack surface that has gone unnoticed by an observer. Similarly, the attack patterns as a whole can lead to a better understanding of the true goals of the attacker instead of a simple list of targets.

Another capability these systems offer is the ability to scale and elevate the expertise brought to a problem. Cognitive computing can serve as a companion for professionals to enhance their performance. A wider range of experience and insight can be applied to the problem at hand through cognitive’s collection and analysis of data that might have otherwise been overlooked.

Products and services can be infused with cognitive systems as well. This means the augmentation of their capabilities to deliver uses that had not previously been imagined. Techniques currently used for cybersecurity purposes can expand their use cases when the relevant security tool capabilities are increased or amplified, for example.

When processes are integrated with cognitive capabilities, they can collect data from internal and external sources. These processes can then learn from unstructured data — something that has vexed other kinds of computing. That is huge, because unstructured data is what will drive the greater use of coincident information in automated decision-making.

It’s a great pool of currently unused information not found in current databases that should lead to a wider perspective of data relations.

How It’s Impacting Security

Cognitive can enhance exploration and discovery. Its core capabilities are exactly what the cybersecurity field needs.

Discovering and processing data allows cognitive to assist the professional who must make decisions about a given situation. It serves as a valuable tool to the decision-maker by searching remote areas for information and connections.

It could also make data collection a truly ongoing background process that is only accessed when needed. That way, you could have data that you didn’t even know you needed available because it had been automatically collected. Cognitive widens the data that can be surveyed, giving a greater breadth to the analysis that ensues.

IBM Security announced that, right now, California State Polytechnic University, Pomona; Pennsylvania State University; Massachusetts Institute of Technology; New York University; the University of Maryland, Baltimore County; the University of New Brunswick; the University of Ottawa; and the University of Waterloo are all working on marrying cognitive computing and cybersecurity. They are also finding ways to best communicate analysis results to the people who need to know, increasing the odds that the results will actually get used.

Raw computing power by itself can be useless if it’s unfocused. Cognitive systems are focusing on identifying the most important aspects of security incidents and communicating those critical results. This characteristic — ease of use, even with complex queries — is part of the reason why cognitive will make its biggest security impact in the days to come.

Watch the video: Step up to the Cognitive Era with IBM Watson for Cyber Security

More from Artificial Intelligence

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

How I got started: Cyber AI/ML engineer

3 min read - As generative AI goes mainstream, it highlights the increasing demand for AI cybersecurity professionals like Maria Pospelova. Pospelova is currently a senior data scientist, and data science team lead at OpenText Cybersecurity. She also worked at Interset, an AI cybersecurity company acquired by MicroFocus and then by OpenText. She continues as part of that team today. Did you go to college? What did you go to school for? Pospelova: I graduated with a bachelor’s degree in computer science and a…

Back to basics: Better security in the AI era

4 min read - The rise of artificial intelligence (AI), large language models (LLM) and IoT solutions has created a new security landscape. From generative AI tools that can be taught to create malicious code to the exploitation of connected devices as a way for attackers to move laterally across networks, enterprise IT teams find themselves constantly running to catch up. According to the Google Cloud Cybersecurity Forecast 2024 report, companies should anticipate a surge in attacks powered by generative AI tools and LLMs…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today