June 22, 2016 By Larry Loeb 3 min read

The technologies behind cognitive systems have matured greatly in recent years, which has expanded the number and types of applications for the technology. One such initiative involves applying cognitive computing to cybersecurity.

Cognitive computing has five core capabilities. Looking at the ways these can be applied to the security arena may illuminate some interesting possibilities for IT professionals.

The Core Capabilities of Cognitive Systems

Cognitive technology creates a deeper human engagement. Cognitive security systems analyze all available structured and unstructured data to find what really matters — to a person or group. By being able to better understand an individual, users can gain insight into an attacker’s motives as well as the defender’s needs.

The pattern of how a system is used, based on actual operational patterns rather than just specifications, can point to areas that may be part of the attack surface that has gone unnoticed by an observer. Similarly, the attack patterns as a whole can lead to a better understanding of the true goals of the attacker instead of a simple list of targets.

Another capability these systems offer is the ability to scale and elevate the expertise brought to a problem. Cognitive computing can serve as a companion for professionals to enhance their performance. A wider range of experience and insight can be applied to the problem at hand through cognitive’s collection and analysis of data that might have otherwise been overlooked.

Products and services can be infused with cognitive systems as well. This means the augmentation of their capabilities to deliver uses that had not previously been imagined. Techniques currently used for cybersecurity purposes can expand their use cases when the relevant security tool capabilities are increased or amplified, for example.

When processes are integrated with cognitive capabilities, they can collect data from internal and external sources. These processes can then learn from unstructured data — something that has vexed other kinds of computing. That is huge, because unstructured data is what will drive the greater use of coincident information in automated decision-making.

It’s a great pool of currently unused information not found in current databases that should lead to a wider perspective of data relations.

How It’s Impacting Security

Cognitive can enhance exploration and discovery. Its core capabilities are exactly what the cybersecurity field needs.

Discovering and processing data allows cognitive to assist the professional who must make decisions about a given situation. It serves as a valuable tool to the decision-maker by searching remote areas for information and connections.

It could also make data collection a truly ongoing background process that is only accessed when needed. That way, you could have data that you didn’t even know you needed available because it had been automatically collected. Cognitive widens the data that can be surveyed, giving a greater breadth to the analysis that ensues.

IBM Security announced that, right now, California State Polytechnic University, Pomona; Pennsylvania State University; Massachusetts Institute of Technology; New York University; the University of Maryland, Baltimore County; the University of New Brunswick; the University of Ottawa; and the University of Waterloo are all working on marrying cognitive computing and cybersecurity. They are also finding ways to best communicate analysis results to the people who need to know, increasing the odds that the results will actually get used.

Raw computing power by itself can be useless if it’s unfocused. Cognitive systems are focusing on identifying the most important aspects of security incidents and communicating those critical results. This characteristic — ease of use, even with complex queries — is part of the reason why cognitive will make its biggest security impact in the days to come.

Watch the video: Step up to the Cognitive Era with IBM Watson for Cyber Security

More from Artificial Intelligence

How I got started: AI security researcher

4 min read - For the enterprise, there’s no escape from deploying AI in some form. Careers focused on AI are proliferating, but one you may not be familiar with is AI security researcher. These AI specialists are cybersecurity professionals who focus on the unique vulnerabilities and threats that arise from the use of AI and machine learning (ML) systems. Their responsibilities vary, but key roles include identifying and analyzing potential security flaws in AI models and developing and testing methods malicious actors could…

How a new wave of deepfake-driven cyber crime targets businesses

5 min read - As deepfake attacks on businesses dominate news headlines, detection experts are gathering valuable insights into how these attacks came into being and the vulnerabilities they exploit. Between 2023 and 2024, frequent phishing and social engineering campaigns led to account hijacking and theft of assets and data, identity theft, and reputational damage to businesses across industries. Call centers of major banks and financial institutions are now overwhelmed by an onslaught of deepfake calls using voice cloning technology in efforts to break…

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today