Topics:   Cybersecurity,Risk Management,Technology

Topics:   Cybersecurity,Risk Management,Technology

August 28, 2019

Cybersecurity: AI to the Rescue?

August 28, 2019

It’s no secret that the technology industry is prone to overhyping the latest, greatest, shiny new thing. Sometimes technology lives up to the hype (cloud computing), and sometimes, well, not so much (blockchain).

And then there are the technologies that are impossible to overhype. Artificial intelligence (AI) is this kind of technology. Over the next five to ten years, we’re going to see AI and machine learning penetrate virtually all aspects of business, not to mention fundamentally change the way we work and live. From medical diagnoses to contract reviews and self-driving automobiles, AI will change everything.

A Cute Puppy Will Change the World

What we see today from AI—applications like chatbots and virtual agents for customer service—is only a hint of things to come. These applications have launched AI into what I call its “cute puppy” phase. CEOs and other executives think it’s cute when they see a chatbot work, but it’s worth equating the chatbot with witnessing Alexander Graham Bell’s first telephone call—it’s pretty neat, but to the casual observer the ramifications may not be readily apparent. Bell’s “cute” telephone wound up changing life as we know it, acting as a catalyst eventually for the creation of the internet, smartphones, satellite communications, and many other things in our connected world. AI will cause a similar global transformation.

Directors need to understand this parallel to Bell and the telephone because the effective adoption of AI will be a competitive determinant similar to the adoption of e-commerce 20 years ago: those that adopt the technology early and do it well will thrive, and those that don’t will be left in the dust by a burgeoning megacompany because they didn’t adapt. And, while virtually every functional area of the typical enterprise stands to be transformed by AI, cybersecurity is one of the areas that stands poised to reap enormous benefits in the near term.

How AI Transforms Cybersecurity

When we look at the critical issues in cybersecurity—the skills shortage, the complexity of securing digital assets caused by technology overload, the need to manage every employee (not to mention every director) as a potential security threat, and the fact that security teams have to be perfect while the bad guys only have to be right once—AI can potentially solve all of them.

As a point of illustration, let’s look at how cybersecurity teams currently manage threat detection and response. Typically, an organization will have lots of security technologies in place that generate alerts when they detect something suspicious. Most of these alerts are false positives—that is, things that look suspicious but really aren’t. This approach causes “alert overload,” where so many alerts are generated (tens of thousands in some cases) that security teams simply cannot investigate them all, which creates a “needle in the haystack” problem where alerts of legitimately bad threats get lost amid the sea of false positives.

Now, imagine a world where AI manages the entire threat detection and response process. The alert overload problem is no longer an issue, because AI can scale to investigate and respond to every last alert within your company’s unique architecture. Beyond that, AI learns every time it sees an actual threat and can use that knowledge to forecast how future threats will look. Finding the needle in the haystack is a near-impossible task for humans, but it’s relatively trivial for AI.

This is just one simplistic example of the impact AI will have on cybersecurity. There is a dark side to AI as well—the bad guys will use it to create ever more sophisticated and elusive attacks. But when we look at the lopsided “arms race” today, where the bad guys get to start the 100-meter dash 99 meters down the track, AI will at least make it a fair race, where everyone starts at the same line.

Living Up to the Hype

There are a number of hurdles that must be cleared before AI can realize its potential in the cybersecurity sphere, or any other area of business, for that matter. There are no standard AI architectures today, no regulations (there will be), no transparency into technology vendor algorithms so there is no way to validate how their AI is making decisions (which raises the specter of two AI systems arguing with each other), and there are not enough data scientists. We also haven’t really focused on securing AI itself; there are already algorithm manipulation attacks underway, which is a problem that must be stopped dead in its tracks.

But, as with e-commerce, the benefits of AI are so profound that these initial hurdles will be cleared, and cleared quickly. So, when we look at solving today’s problems with cybersecurity, will AI live up to its hype? The vote here is a resounding yes—the technology really is that transformative.

Greg Baker is the vice president and general manager of Cyber Digital Transformation at Optiv.

Comments

KayDAugust 30, 2019

What do you mean "…the fact that security teams have to be perfect while the bad guys only have to be right once". That is a dangerous statement that implies the battle is lost because we will not be perfect – I would argue even AI will be infallible for the foreseeable future. The fact is that the bad guys need to be right as many times as we defenders but a hurdle in the way.