The technologies behind cognitive systems have matured greatly in recent years, which has expanded the number and types of applications for the technology. One such initiative involves applying cognitive computing to cybersecurity.

Cognitive computing has five core capabilities. Looking at the ways these can be applied to the security arena may illuminate some interesting possibilities for IT professionals.

The Core Capabilities of Cognitive Systems

Cognitive technology creates a deeper human engagement. Cognitive security systems analyze all available structured and unstructured data to find what really matters — to a person or group. By being able to better understand an individual, users can gain insight into an attacker’s motives as well as the defender’s needs.

The pattern of how a system is used, based on actual operational patterns rather than just specifications, can point to areas that may be part of the attack surface that has gone unnoticed by an observer. Similarly, the attack patterns as a whole can lead to a better understanding of the true goals of the attacker instead of a simple list of targets.

Another capability these systems offer is the ability to scale and elevate the expertise brought to a problem. Cognitive computing can serve as a companion for professionals to enhance their performance. A wider range of experience and insight can be applied to the problem at hand through cognitive’s collection and analysis of data that might have otherwise been overlooked.

Products and services can be infused with cognitive systems as well. This means the augmentation of their capabilities to deliver uses that had not previously been imagined. Techniques currently used for cybersecurity purposes can expand their use cases when the relevant security tool capabilities are increased or amplified, for example.

When processes are integrated with cognitive capabilities, they can collect data from internal and external sources. These processes can then learn from unstructured data — something that has vexed other kinds of computing. That is huge, because unstructured data is what will drive the greater use of coincident information in automated decision-making.

It’s a great pool of currently unused information not found in current databases that should lead to a wider perspective of data relations.

How It’s Impacting Security

Cognitive can enhance exploration and discovery. Its core capabilities are exactly what the cybersecurity field needs.

Discovering and processing data allows cognitive to assist the professional who must make decisions about a given situation. It serves as a valuable tool to the decision-maker by searching remote areas for information and connections.

It could also make data collection a truly ongoing background process that is only accessed when needed. That way, you could have data that you didn’t even know you needed available because it had been automatically collected. Cognitive widens the data that can be surveyed, giving a greater breadth to the analysis that ensues.

IBM Security announced that, right now, California State Polytechnic University, Pomona; Pennsylvania State University; Massachusetts Institute of Technology; New York University; the University of Maryland, Baltimore County; the University of New Brunswick; the University of Ottawa; and the University of Waterloo are all working on marrying cognitive computing and cybersecurity. They are also finding ways to best communicate analysis results to the people who need to know, increasing the odds that the results will actually get used.

Raw computing power by itself can be useless if it’s unfocused. Cognitive systems are focusing on identifying the most important aspects of security incidents and communicating those critical results. This characteristic — ease of use, even with complex queries — is part of the reason why cognitive will make its biggest security impact in the days to come.

Watch the video: Step up to the Cognitive Era with IBM Watson for Cyber Security

More from Artificial Intelligence

SOCs Spend 32% of the Day On Incidents That Pose No Threat

4 min read - When it comes to the first line of defense for any company, its Security Operations Center (SOC) is an essential component. A SOC is a dedicated team of professionals who monitor networks and systems for potential threats, provide analysis of detected issues and take the necessary actions to remediate any risks they uncover. Unfortunately, SOC members spend nearly one-third (32%) of their day investigating incidents that don't actually pose a real threat to the business according to a new report…

4 min read

Machine Learning Applications in the Cybersecurity Space

3 min read - Machine learning is one of the hottest areas in data science. This subset of artificial intelligence allows a system to learn from data and make accurate predictions, identify anomalies or make recommendations using different techniques. Machine learning techniques extract information from vast amounts of data and transform it into valuable business knowledge. While most industries use these techniques, they are especially prominent in the finance, marketing, healthcare, retail and cybersecurity sectors. Machine learning can also address new cyber threats. There…

3 min read

Now Social Engineering Attackers Have AI. Do You? 

4 min read - Everybody in tech is talking about ChatGPT, the AI-based chatbot from Open AI that writes convincing prose and usable code. The trouble is malicious cyber attackers can use generative AI tools like ChatGPT to craft convincing prose and usable code just like everybody else. How does this powerful new category of tools affect the ability of criminals to launch cyberattacks, including social engineering attacks? When Every Social Engineering Attack Uses Perfect English ChatGPT is a public tool based on a…

4 min read

Can Large Language Models Boost Your Security Posture?

4 min read - The threat landscape is expanding, and regulatory requirements are multiplying. For the enterprise, the challenges just to keep up are only mounting. In addition, there’s the cybersecurity skills gap. According to the (ISC)2 2022 Cybersecurity Workforce Study, the global cybersecurity workforce gap has increased by 26.2%, which means 3.4 million more workers are needed to help protect data and prevent threats. Leveraging AI-based tools is unquestionably necessary for modern organizations. But how far can tools like ChatGPT take us with…

4 min read