Watson, IBM’s AI supercomputer, now has the ability to investigate security events and create new services for building cognitive security operation centres.
And it now has the capability to allow customers and analysts to interact with Watson through voice and chat regarding cyber security concerns.
According to IBM, Watson can now help security analysts parse thousands of natural language research reports that have never before been accessible to modern security tools.
For the past year, Watson has been trained on the language of cyber security with over one million security documents, and has been tested with over 40 clients and channel partners including the Ireland based partner Smarttech and Avnet.
IBM claims it is the industry’s first augmented intelligence technology designed to power cognitive security operations centers (SOCs).
At the moment, security teams sift through more than 200,000 security events per day on average, leading to over 20,000 hours per year wasted chasing false positives, according to to research from IBM.
The need to introduce cognitive technologies into security operations centres will be critical to keep up with the anticipated doubling of security incidents over the next five years and increased regulation globally.
“Today’s sophisticated cyber security threats attack on multiple fronts to conceal their activities, and our security analysts face the difficult task of pinpointing these attacks amongst a massive sea of security-related data,” said Sean Valcamp, chief information security officer at Avnet.
>See also: The Trojan horse: 2017 cyber security trends
“Watson makes concealment efforts more difficult by quickly analysing multiple streams of data and comparing them with the latest security attack intelligence to provide a more complete picture of the threat. Watson also generates reports on these threats in a matter of minutes, which greatly speeds the time between detecting a potential event and my security team’s ability to respond accordingly.”
‘Watson for Cyber Security’ will be integrated into IBM’s new Cognitive SOC platform, bringing together advanced cognitive technologies with security operations and providing the ability to respond to threats across endpoints, networks, users and cloud.
IBM has also invested in research to bring cognitive tools into its global X-Force Command Centre network, including a Watson-powered chatbot currently being used to interact with IBM managed security services customers.
Finally, IBM has commissioned a new research project, code-named Havyn.
As referred to earlier this voice-powered security assistant will leverage Watson conversation technology to respond to verbal commands and natural language from security analysts: giving cyber security a voice.
Cognitive and AI-based security tools are seen as a critical evolution of the industry to keep pace with increasingly sophisticated threats, huge amounts of data, and a massive workforce shortage expected to reach over a million open positions by 2020.
A recent study indicates that cognitive security will see three times increased adoption within the next 2-3 years.