Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Machine learning: Cybersecurity dream-come-true or pipe dream?

Taylor Armerding | Dec. 21, 2015
IT experts agree that machine learning has demonstrated enormous value in enhancing search engine capabilities or in spotting patterns in everything from finance to medicine. But the debate continues about its value in cybersecurity

machine learning

Want to know which of your workers aren’t working much, which ones are planning to leave soon and/or might also be planning to steal some proprietary data on the way out the door?

Machine learning can help you spot it much more quickly than your legacy HR department, according to Ariel Silverstone, a consulting chief security and privacy officer, who said he’s seen machine learning do that with “a week’s worth of baseline data.”

He is not the only one convinced of its value. Zev J. Elgen, global director of data analytics for the law firm Littler Mendelson, said while machine learning’s application to cybersecurity is relatively new, it has the potential to “revolutionize” it.

And former Symantec CTO Amit Mital (now manager at KNRL Labs), at a panel discussion sponsored by Fortune magazine this past July, called Artificial Intelligence (Machine Learning is a component of Artificial Intelligence) one of the “few beacons of hope in this mess” – the mess being cybersecurity, which he contended is “basically broken.”

But not all experts are convinced of machine learning's revolutionary power.

Simon Crosby, CTO of Bromium, whose recent post in Dark Reading was headlined, “Machine Learning is cybersecurity’s latest pipe dream.” He argued that, “there is no silver bullet in security, and there’s no evidence at all that these tools help.”

That skepticism is pretty much in line with the conclusion of research firm Gartner, which ranked Machine Learning among the top five technologies at the “peak of inflated expectations” in its 2015 Hype Cycle.

But a number of experts, while they all agree there is no silver bullet in cybersecurity, say there is a lot of room between that and a pipe dream.

“Machine learning is not a silver bullet,” said Stephan Jou, CTO of Interset, “but in an industry where we see huge losses on a weekly basis even after companies have deployed millions of dollars of security technology, it is incredibly short-sighted to underestimate it.”

Gary King, director of the Institute for Quantitative Social Science at Harvard University, agreed. Machine learning is “not remotely a pipe dream,” he said.

“That doesn't mean it can do anything without any thought. There are things you can't do well with it now, and there are many more things that some people will do badly even if others could use them to great effect,” he said, adding that skilled humans need to be in charge of machine learning, directing an intelligence effort.

But those humans, “should also receive as much help as would be useful. As it happens, [machine learning] can help a great deal,” he said.

 

1  2  3  4  Next Page 

Sign up for CIO Asia eNewsletters.