Artificial intelligence (AI) will play a stronger role in the cyber security space in the future and the key purpose is to initially help automate mundane tasks, like prioritising security logs, so that companies can reduce the human time and effort.
A rapidly-growing number of logs, metrics and all kind of different indicators open doors to two possibilities — cyber blindness or cyber intelligence. Unfortunately, what mostly happens today is cyber blindness, essentially because there is no way to manually check the huge amount of data that cyber experts process every day.
The industry is faced with two options again: to leave the data as it is, leaving the possibility open of looking back to the past to verify data or to develop something, which could help solutions providers to analyse real time logs and take decisions.
The second option is called machine learning or AI. More and more organisations are choosing machine learning and artificial intelligence today.
In fact, the concept of artificial intelligence has been born along with the computing era (Alan Turing). Alan Turing called an infant’s mind and unorganised machine in 1947 and created the early definitions of machine learning. He saw the need for a seeded solution set of accurate or known potential output. Only now are concepts of artificial neural networks (ANNs) being applied to modern cyber security solutions.
And yes, AI is of extreme importance since it is required to stay on level ground with black hats as they adopt this technology themselves. Machine learning will not benefit the industry unless it is applied into an expert system.
Machine learning allows a computer to learn for itself. Imagine an environment where a machine learning system is constantly analysing data across billions or trillions of logs per second (such as in a neural network) and is able to classify, detect patterns, behaviours and eventually predict attacks before it occurs.
This is the possibility and eventual promise of AI; to use Machine Learning so that a system does not need to be taught, that it uses its own ‘instinct’ to take decisions fast.
Security solutions providers have been using AI and Machine Learning to prevent attacks and keep their customer safe but, at the same time, cyber criminals are also deploying AI for attacks.
According to Symantec’s 2017 internet Security Threat Report (ISTR), new sophistication and innovation are the nature of the threat landscape currently.