Our very own guardian angel: the promise of machine learning for cybersecurity
28 May 2018
Christian Kusi-Obodum, Account Executive, Withpr
The cogs of cybercrime never stop turning. The cyber criminals are hard at work, targeting firms in every sector. In April 2018 alone, organisations including the NHS, Ikea and Great Western Railway fell victim to security breaches. Even more worryingly, the German Foreign Ministry’s computer network was breached earlier this year. And a recent report by NTT Security revealed that over the course of 2017, ransomware attacks increased 350%. Security threats like these, it seems, are never ending. But there is good news on the horizon: new technology is emerging that has the potential to help fight the battle against cyber criminals.
Enter the guardian “AI”-ngel (excuse the pun). To be very specific with the terminology, it is machine learning that provides computers and software the seed of true “intelligence”. Through machine learning, software can actively learn and improve itself, without additional programming by a human. Data scientists are initially needed to provide the computer programme with the all-important algorithms, allowing the machine to recognise patterns and make predictions.
Far from the often-sensationalised headlines around AI and the end of humanity, the promise of machine learning is much more nuanced than some media narratives may have us believe. The applications of this technology are practically limitless. Of course, like all forms of technology, there is the risk that it could be misappropriated by individuals with bad intentions. However, in reality machine learning is being applied helpfully across many walks of life, from medical treatment and new drug discovery, to traffic flow and passport control.
Crucially for cybersecurity, machine learning offers the potential of improving network security and monitoring for security breaches. By collecting and analysing large amounts of data, intelligent security systems are monitoring web traffic, detecting suspicious activity and alerting human security analysts – who may not otherwise have the capacity to spot every anomaly across the system.
Companies like ZoneFox and AlgoSec are harnessing the potential of machine learning to provide the next generation of cyber defence systems. Zonefox uses AI to analyse behaviour and identify malicious activities across networks, allowing for improved data security and limitation of insider threats. Meanwhile, AlgoSec is pioneering the use of AI chatbots in the cybersecurity industry. Their aptly named “AlgoBot” answers network and firewall administrators’ questions around security policy management, as well as providing access to AlgoSec’s security solutions.
Whilst elsewhere machine learning has established itself as the new best friend of marketers and advertisers, it is still in early stages of development in cybersecurity. At the moment, human analysts do the majority of systems monitoring and major breach detection. As with other applications of machine learning, this technology should be seen as enhancing human workers, rather than replacing them. One cyber security provider that strongly advocates this approach is SecureData. With the fusion of machine learning with some of the world’s most experienced security experts, their solutions are built with the human element of cyber crime in mind. After all, it takes a human – not a machine – to think like a criminal.
Importantly, for machine learning to unleash its true potential, it needs to be “fed” a large stock of data to learn from. At present, data surrounding how security breaches have occurred is relatively difficult to come by – naturally, firms are less forthcoming in sharing sensitive information around system failures. A gradual shift towards greater collaboration and exchange within the industry would undoubtedly help.
Evidently, the potential for machine learning is there. The hope is that improved security systems will provide ever more accurate threat detection, complementing (and not entirely replacing) the human security analyst. Momentum is certainly building. A recent global survey by IBM Resilient found that 77% of IT and compliance professionalsinterviewed saw AI as the key to strengthening defences against cyber attacks. And faced with the shortage of skilled security analysts, the need for AI systems that can do some of the initial threat detection legwork is only set to grow.
The reality is that cyber attacks pose a risk at every level, from SMEs to larger corporations and national governments. Criminals are taking advantage of technological innovation, and we need to keep up with them if we are to stay safe. Machine learning may prove to be the guardian angel of our very own making.