Almost every day, there’s news about a massive data leak -- a breach at Yahoo that reveals millions of user accounts, a compromise involving Gmail phishing scams. Security professionals are constantly moving the chess pieces around, but it can be a losing battle.
Yet, there is one ally that has emerged in recent years. Artificial intelligence can stay vigilant at all times, looking for patterns in behavior and alerting you to a new threat.
While AI is not anywhere close to being perfect, experts tell CSO that machine learning, adaptive intelligence, and massive data models that can spot hacking much faster than any human are here to help.
“There are some groundbreaking AI solutions built around cyber security analytics,” says George Avetisov, the CEO and Cofounder of biometric security company HYPR.
“The processes behind threat intelligence and breach discovery have remained incredibly slow due to the need for a human element. AI is transforming the speed at which threats are identified and attacks are mitigated by greatly increasing the speed at which such intelligence is processed.”
According to Avetisov, the big change has to do with removing the rules-based engine that have been in use at larger companies for decades. An AI adapts and learns about threats in real-time. They can analyze large data sets that are often fragmented and overlap with one another.
In this scenario, he says, the role of a human operator is to weed out false positives and, to an ever-increasing degree, make sure the data sets fed into an AI engine are accurate and robust. In some ways, it could be said that an AI is only as intelligent as the data it analyzes. What’s interesting is that an AI can also predict behavior based on current data sets, adapting your own security infrastructure based on what could potentially lead to a breach.
For now, AI is mostly used for malware detection, spotting phishing attacks, and blocking brute-force intrusions.
In the future, AI could be added to services we all rely on each day. In Gmail, for example, when you receive an email that looks legitimate, an AI can scan countless variables -- such as the originating IP address, location data, the word choice and phrasing in the email, and other factors -- and alert you to a phishing scam.
One of the most interesting uses for AI in blocking attacks has to do with classification. Mark Testoni, the president and CEO of enterprise security company SAP NS2, told CSO that an AI can quantify the level of threat in ways that would normally require much more human effort.
Sign up for CIO Asia eNewsletters.