FEATURE: AI
//////////////////////////////////////////////////////////////////////////
By leveraging AI to automate the manual
and time-consuming analysis of security
events, AI can condense weeks or months
of work into minutes, reducing the time
spent on threat investigations by up to 90%
helping SOC teams to focus on data loss
prevention and mitigation.
Therefore, cybersecurity experts are
confident that AI can augment SOC teams
to make operations more efficient, as well as
detect the early signs of attacks in real time
before key assets are stolen or damaged.
What are some of the use
cases for machine learning/AI
technologies today?
Why should CISOs care about
machine learning? take preventive actions even before security
threats manifest.
With digital transformation, the explosion
of connected devices, and the Internet of
Things, cybersecurity experts have a lot on
their plate. More connected devices equate
to more traffic, more attack vectors, more
attempts at security breaches and a lot more
data that needs to be analysed. What are the prerequisites
to deploying machine
learning technologies?
Add to this, today’s enterprises generate
tremendous amounts of data by simply
doing business. Human element alone won’t
be enough to capture, analyse and mitigate,
this amount of data. Thus, CISOs will need
all the help they can get to prevent security
incidents and respond to threats where
machine learning can be one step in coping
with its sheer complexity
Will AI and machine
learning drive the future of
cybersecurity?
Cybersecurity threats evolve with technology
and adjust to overcome protection
mechanisms. As a result, information security
analysts must focus on mitigating the most
severe risks first - and in an enterprise, this is
a substantial effort.
In this context, machine learning speeds
up the process of initial risk identification
and classification, which enables security
teams to better manage their incident
response function, and more importantly,
60
INTELLIGENTCIO
In my opinion, the human element is
essential to the development of viable
machine learning and AI solutions in
cybersecurity. Machine learning and AI
need human interaction and ‘training’ to
continue to learn and improve, correcting for
false positives, and detecting cybercriminal
innovations, as well as tailoring learning
algorithms to our own problem domain.
Man and machine working together. While
we employ artificial intelligence in several
production systems already, we’re working
against skilled counterparts who are doing
their best to not get detected. This means
our approach needs to evolve over time,
and we need to also keep evolving our AI-
powered systems to become ever better at
preventing and detecting threats in time.
Will this help to automate key
security operations?
Many enterprises are establishing security
operations centres (SOCs) in response to
the rising tide of cyberattacks. Those SOCs
can play a vital role in optimising security
and improving incident response. However,
traditional SOCs are struggling in addressing
security threats effectively when it is made
of the human factor only.
One of the most common use cases is using
AI and machine learning as part of the new
SOCs architecture. As per Forbes, there are
many other use cases where AI and machine
learning are being used today such as data
security, fraud detections and online trading.
What are the risks involved
with machine-learning if
people are not adequately
trained to understand and use
these systems?
As I mentioned above, the human element
is essential to the development of viable
machine learning and AI solutions in
cybersecurity. Machine learning and AI
need human interaction and ‘training’
to continue to learn and improve,
correcting for false positives and detecting
cybercriminal innovations, as well as
tailoring learning algorithms to our own
problem domain.
Where does the region
currently stand in terms of the
application of machine learning
for cybersecurity? How do you
see it moving forward?
The Middle East region is adopting
technologies at a fast pace. Governments
and companies in this region have taken
cybersecurity seriously from the first
moment focusing on developing a serious
and cohesive regulatory framework around
information security and data protection
including the deployment of AI and machine
learning to automate security operations
and achieve early detection of threats. n
www.intelligentcio.com