I’ve spent the last few months chatting with all manner of information security professionals in developing my next agenda. Over the next few weeks, I’ll dig a little into some of the topics and themes brought up during this research period, and share some uninitiated yet sanguine opinions.
AI’s Impact on Cyber Security
There is no silver bullet for IT security nor is there any opportunity to take your eye off the ball. The relentless increase in attacks will continue unabated so you would be excused for looking at a short-cut or two to make things a little easier to handle. The impact of AI, or rather machine learning, is starting to be felt with attacks, but is the response to fight fire with fire or simply monitor and section off anomalies?
Let’s first be clear about automation vs AI. Often used synonymously, automation is rule based (if “A”, then “B”) whereas AI is in a constant state of change, learning and adapting until it reaches its ultimate goal (no, not world domination and enslavement of mankind). The very nature of AI driven attacks is that their complexity may be too much for mere mortals to handle; perhaps this is an argument from AI vendors to buy their kit or perhaps there is more than a kernel of truth in there.
Automation for now seems to plugging the gap for now, even with the potential for human error. This is likely best illustrated by the slow uptake of true AI tech – if it indeed does what it says on the box. Part of this cynicism stems from several conversations I’ve had that allude to the same statement: “that’s not really AI, is it?”
The advantages of AI…
As mentioned, AI brings speed, adaptability and agility to defensive systems. The adaptability of AI brings an instant response to new threats, something that humans might miss, especially AI-supercharged attacks. Performing tasks in milliseconds, these smart machines can free up time and human resource capacity to focus on other security analysis.
Sounds like a slam-dunk, right?
And the limitations
As beneficial as AI can be, there are several resource limitations to it becoming a scalable tool. Put aside the current mass investment into building new networks and chucking out mid-2000s tech, the additional resources required to run an AI system, from a computing power perspective, can burn a hole through any budget. Another headache is that AI feeds and thrives off data; feeding it malicious data can not only take time, but carries its own set of risks.
On top of that, hackers are using AI for attacks; do we have robots fighting each other and slugging it out? Are AI attacks designed to be AI resistant or able to learn and manipulate your own AI tools? There are some suppliers out there with solutions on offer to counter this, but the question still remains if AI is necessary just yet.
After getting through the over-dressed marketing speak of what AI is, companies dabbling with self-learning algorithms are dipping their toes in the water on small isolated projects.
Have AI-driven attacks reached a critical stage where they need to be battled with bots? Perhaps not just yet. The human element still hasn’t left cyber security and won’t ever be cut out, rather repurposed into a more analytical role, or perhaps the puppet-masters/creators of future intelligent code. What I can conclusively add is that we really do not know the potential of AI yet, and that it cannot be ignored indefinitely.
Don’t forget to join us at CISO Africa 2020 from 18-20 February. With keynotes from leading CISOs, interactive streamed sessions, including several discussions on automation and AI in security, this is one you cannot afford to miss. Click here to learn more.
Ryan J. Matthews