[BreachExchange] How Significant Should AI’s Role In Cybersecurity Be?

Destry Winant destry at riskbasedsecurity.com
Tue Feb 5 01:14:12 EST 2019


https://insidebigdata.com/2019/02/01/how-significant-should-ais-role-in-cybersecurity-be/

Comparing modern cybersecurity to how it looked a decade or two ago is
like comparing an SUV to a horse-drawn carriage. The level of
complexity in our networks, ecosystems, and supply chain is quickly
reaching critical mass. Never before have we dealt with threat
surfaces this large, and never before have we had to defend against
such a vast array of different threats.

To make matters worse, we’re seeing this increase in complexity amidst
a growing talent shortage in the IT space. Not only are cybersecurity
professionals faced with tougher, more complicated work than in the
past, there are also fewer of them than there used to be. It’s a grim
outlook, to be sure – but there’s a silver lining here.

Because although the challenges facing security professionals are
tougher, the tools they’re equipped with are also more sophisticated
than ever. Machine learning and automation stand to revolutionize how
we protect our networks and data, while innovations in monitoring,
deception technology, and file-level security continue to put up walls
against even advanced attackers. To say there’s something of an arms
race going on would be a rather accurate assessment.

Amidst this landscape, there are a few who believe that the time of
man in the security space may be coming to an end.

Keeping our networks secure from hackers is becoming too big a job for
humans,” writes Design News’s Chris Wiltz. “Attacks and security
breaches will only get more severe as more devices and data are
brought online…as AI technologies become more widely accessible and
affordable for benevolent and malicious parties alike, humans aren’t
going to be able to win the battle alone.”

Wiltz isn’t exactly wrong. Our brains simply aren’t equipped to
process the immense flows of data that are now common in even smaller
business networks. Tailor-made, automated systems capable of learning
to proactively recognize and respond to threats are inarguably the
future of cybersecurity.

At the same time, machine learning is far from perfect. An AI can be
compromised – it can be targeted by attackers the same as any
enterprise system. More importantly, human beings have something that
even the most sophisticated of systems still lack – abstract thought.

A cybersecurity AI can only think and react in terms of the context
it’s been given. It works with the concrete and corporeal. It can
recognize that Tim in accounting is behaving irregularly based on his
past behavior, but it cannot extrapolate beyond what it can see – it
has no understanding of why Tim is doing what he’s doing.

For the moment, the best way forward for businesses is to augment
human expertise with machine intelligence. To craft an approach to
cyber security which embraces the differences between IT professionals
and artificial intelligence, allowing each to account for the
weaknesses of the other.  The day that changes may well be the day
that AI becomes as close to human as it will ever be.


More information about the BreachExchange mailing list