In the 1950s, artificial intelligence (AI) became a hot topic of scientific conversation in science fiction novels. The prospect of attacks by intelligent machines became a trend that led the imagination down dark paths of technological domination.
AI is no longer science fiction and is on a path of destruction, but not one that could have been predicted 60 years ago. It is playing no small role in the prevention of cybercrime, and leading the fight back in protecting data.
Machine learning is providing teams with the capability to thwart APTs (advanced persistent threats) through zero day attacks and with the analytic prowess they need to identify both internal and external threats. Cybercrime may well be about to meet its virtual match without impacting on the future of the security professional.
In March 2016, Google DeepMind’s AI, AlphaGo, defeated the best Go player in the world, Lee Sedol. It wasn’t supposed to have been able to do this for another ten years, at least. This computer is the best example of deep learning, which is the fundamental precept of true AI and something that has potential in the field of security.
Machine learning algorithms can be used to create a behaviour profile of users. Based on this profile it is possible to differentiate normal and abnormal behaviour from each other. Deep learning has become the key that unlocks the door to powerful AI capabilities, like these.
AI vs. the human element
At the Fortune Brainstorm Tech Conference in Colorado in July 2015, Symantec CTO Amit Mital said: ‘Cyber security is basically broken.’ Spend is on the increase as enterprise and public sector continues to seek out solutions to protect against the rising tide of hackers.
The solutions are embattled and at a loss as the list of hacked corporations continues to rise with Sony, the IRS, the federal Office of Personnel Management (USA), Ashley Madison and Gemalto being just some of the big names brought down by hacks in 2015.
Many of these attacks took place years before they were discovered – others were swift and deadly. In all cases, people were too slow to stop the hack.
Artificial intelligence systems that are designed to learn and adapt, and which are capable of recognising miniscule shifts in online undercurrents, are eminently more capable than humans when it comes to catching cybercrime in the act.
However, this doesn’t mean that the human touch is out of the game. Common sense and the five senses have yet to be replicated and these play no small role in the management and control of security.
People are needed to determine the value or depth of an identified threat. Their insight and knowledge are vital to establishing how to react to a specific scenario and whether or not a reaction is even needed.
It is also the human element that is fundamentally essential to the development of viable AI solutions in the cyber security sector. There is enormous potential in the market for the creation of technology in line with security parameters and protocols to ensure solutions are contextual, more preventative and proactive than reactive and passive.
AI is breaking the barrier of the traditional rule-based control type of security that is no longer effective. Its use of big data algorithms and its ability to learn allows for a more expansive view of security systems and solutions, and gives security professionals a much richer playing ground than ever before.
In this new realm of proactive defence against the unexpected threat, security teams are given far better tools. They can future-proof their investments and protect the corporate network against the unknown, as opposed to the traditional tools that can only protect against the known.
Machine learning throws a flexible, living net over the organisation that can analyse data in real time and block upcoming malicious activity. It can provide security professionals with valuable insight into systems and allow them to prioritise security alerts – no small boon when statistics show a bleak security landscape.
Security company Fortinet said it is seeing half a million attack attempts a minute and a Department of Business, Innovation & Skills study found that 90% of large organisations reported a breach last year.
There has been a 144% increase in successful cyber-attacks on businesses according to the CYREN 2015 Cyberthreat Yearbook, and 70% of the 90 million cyber security events go undetected every year.
For the cybercriminal, there is big money to be made from hacking large enterprises. For the enterprise, there is a desperate need to find an adaptive and proactive way of protecting data and systems from the growing threat of the black hat.
The arrival of machine-led security systems capable of machine learning and swift responses is not one that should be met with concern. Instead, it is an opportunity for security professionals to expand their reach and refine their skills, harnessing the technology to create systems that are aware and ready.
Sourced from Dániel Bagó, Balabit