Artificial intelligence (AI) is all over the technology headlines lately. It seems to be the latest buzzword to take hold, yet the question remains: Will this be a quick fad, or are we actually seeing the second coming of AI? Most recently, there has been a heavy surge of artificial intelligence thinking applied to cybersecurity. Could this be a long-term application for the cognitive technology and a way for enterprises to ward off some of the increasingly stealthy attacks they are blind to at the moment? Will cybersecurity give AI new life and a second chance in an industry desperate to provide protection against cyberthreats?
A Quick AI History Lesson
Before we dive into the viability of AI in cybersecurity, let’s review a little bit of its history. AI is certainly not a new concept; rather, it’s one that has been in development since the early 1950s. The first attempt at what we would all recognize as artificial intelligence was in 1950 when researcher Alan Turing published “Computing Machinery and Intelligence,” where he proposed an imitation game dubbed the “Turing test.” Since that time, we’ve seen interesting applications of the technology — from the first human-like robot, Honda’s ASIMO, to IBM’s Watson, the supercomputer that went on to defeat the two greatest Jeopardy champions in the TV show’s history. But as of yet, we have not seen a wide application of artifical intelligence or machine learning in a business setting.
The Case For Artificial Intelligence In Cybersecurity
What problem could machine learning and artificial intelligence solve for cybersecurity? The answer to that question is twofold. The lack of visibility is one of the biggest cybersecurity challenges that enterprises face today. IT security teams are struggling to see what is happening in and around their IT infrastructures. They are challenged to sift through the numerous security incident logs, to detect potential threats and to be able to catch, stop or mitigate them. They struggle to understand where all corporate data lives and who has access to it, not to mention what users are doing with that access. The logs generated by their security and identity governance infrastructures are not by the thousands, nor by the millions, but by the hundreds of millions on a weekly basis. To spot the clue for an attack or any abnormal, suspicious activity would require more than a very large IT team.
There is clearly a big data problem in security. There is just too much data for any enterprise IT team to manage, bare minimum. But to also be able to analyze all of that data, seeking out anomalies that could signal a looming threat, is another story entirely. Even if an enterprise IT team had enough manpower to manage the data at hand, there is just no way for us as humans to analyze that much data in real time. With machine learning, that mountain of data could be whittled down in a fraction of the time, helping organizations quickly identify and then mitigate a security incident. Artificial intelligence could be a game-changer for security teams.
AI’s Second Chance
Between the mountain of security data that IT teams must manage and the lack of visibility I described above, now might be AI’s time to shine. Cybersecurity could become one of the best AI applications that the business world has seen.
Other factors are also strengthening the case for AI in cybersecurity.
The first factor is the serious skills shortage enterprise IT security departments are facing. Not only are they struggling to find the right talent, but there’s hardly any talent to choose from. Having “machine engineers” assigned to the task of sifting through loads of data will invariably prove more efficient and effective at sorting through the good to seek out the bad versus relying on manpower alone. This could prove to be a competitive advantage for enterprises as well. Think about it: Enterprises that use AI to more efficiently and effectively shore up their cybersecurity posture will be in a better position to advance their entire business forward. Why? Because their IT leaders will be spending less time reacting to security threats and more time focused on the needs of the business overall.
The second factor is that hackers will start using AI to their advantage, helping them dig through mountains of consumer big data in the form of stolen records, helping them to quickly identify and contextually target their next victims. And, similar to how IT teams could use AI to automate and augment manual tasks, hackers will be doing the same when developing their next attacks. Take spear phishing, for example. Instead of a hacker taking his or her time to target a single user, understanding their email patterns and relationships, that hacker could speed that process along with machine learning, analyzing how a victim uses his or her email to communicate, and launch extremely effective spear phishing attacks as a result. With hackers on their way to using AI as another tool in their arsenal, they will once again be a step ahead of us.
While hackers quickly learn to turn machine learning into a distinct advantage, now is the time to consider if and where artificial intelligence fits into cybersecurity strategy for businesses today. And while the role of AI in cybersecurity is certainly in the early stages and still needs to evolve, it’s time to take note as it makes its second coming in the business world known.