March 18, 2019
Artificial Intelligence and the Impact of Machine Learning on Cybersecurity
Share This Post
Artificial intelligence (“AI”) and machine learning (“ML”) are two over-hyped terms, but when advanced software can pull patterns from large data sets, human intelligence can make better decisions faster than ever before. The impact on security professionals is profound in that they recognize the promises, but more so, the perils, of AI, and this is driving companies to invest in outsourced security help. Human intelligence, augmented by the right software and powerful computing, is the real breakthrough in cybersecurity. AI and ML are not ex machina stand-alone defenses; they require human assistance to be effective. Before delving into the impact of AI on Cybersecurity further, it is helpful to define terminology and review the history of AI from conceptualization to present day.
Artificial Intelligence (AI) is the science of developing a system or software to emulate human cognition by enabling computers to learn and adapt through experience and patterns, rather than inference. Machine Learning (ML) is but one approach to AI that uses self-learning algorithms and, though currently the most popular type of AI, others like rules-based systems predominate in technology such as autonomous vehicles. A seemingly related term emerging in the last two or three years is Deep Learning. The difference between Deep Learning and ML is the reliability of the results as the scale of data increases. Deep Learning algorithms don’t perform well when the data set is small. Those algorithms require a large amount of data to understand it perfectly. As Kris Lahiri, Chief Security Officer for Egnyte, explains, “Today, deep learning advancements in machine learning allow machines to teach themselves how to build models for pattern recognition (rather than relying on humans to build them)."
In 1956, MIT scientist, Marvin Minsky, first named and conceptualized AI. Pioneers like Google, Amazon and Facebook began to use scalable big data frameworks to effectively collect, scrub, organize and analyze their consumer data from millions of users. By “open-sourcing” this behavioral data, these organizations discovered that businesses could derive tremendous value from Internet searches, product recommendations and newsfeeds. For anyone who has made online purchases or conducted Internet searches for a few years, the evolution of ML is apparent when, for example, products the user views on one vendor website later appear as banners on other sites.
While it is certain that AI will continue to evolve and be an important topic, many business and technology leaders argue that it is THE most important topic. Considering the promises and perils of AI, and the escalating rate of human progress, it is likely to remain so for the foreseeable future.
Noted futurist and author, Ray Kurzweil, wrote about the pace of change within the context of what he calls Law of Accelerating Returns. The law is simple, yet profound: more advanced societies can progress at a faster rate than less advanced societies precisely because they are more advanced. Kurzweil suggests that the advancements of the 20th century would have occurred in 20 years had they begun in the year 2000, maintaining that the rate of progress in 2000 was five times faster than in the entire 20th century. In fact, he believes a 20th century’s worth of progress eventually will happen in less than one month, thus attaining a rate of progress 1,000 times that of the 20th century.
Generally, there are two broad types of cyberattacks. The first seeks to disable the target computer or knock it offline; the second seeks to gain access to the target computer's data and, possibly, get administrative privileges. Recent techniques attackers use to achieve those goals include:
The evolution of ML has multiple implications for both the attackers and defenders of a network. Increasingly sophisticated hackers are using ML to find vulnerabilities that were invisible before. 2017's cyber attacks caused $5 billion worth of damage, a fifteen-fold increase from 2015. Experts estimate cyberattack damage to be $6 trillion from 2018-2021, and that the industry is going to need 3.5 million new cybersecurity workers to clean up the mess. Worse yet, Attackers are deploying AI, too, that will be able to learn the targeted systems and identify vulnerabilities on the fly.
Defensive security controls like firewalls and anti-virus are not enough to cope with current cyber threats. Realizing this, security professionals are using ML software to find patterns in attacks. AI can automate complex processes for detecting and responding to attacks. Data deception technology products can automatically identify, analyze, and defend against advanced attacks by proactively detecting and tricking attackers. This technology, which is becoming more and more sophisticated as usage increases, provides a competitive edge to defenders.
And if all of this seems overwhelming and complex, it is. Companies of all sizes are turning to firms that specialize in managed detection and response (“MDR”) to bolster network security. MDR providers leverage host and network technologies at the host and network layers to collect security event and contextual data and investigate incidents. These technologies are expensive and difficult to find for many organizations, which accounts for the rising popularity for MDR as a service.
Another critical defensive measure is data back-ups. Back-ups can be automated, and when these backups occur in the cloud, or when sensitive information is stored in a secure cloud location the chances of making it through a major disaster in relatively good shape increase significantly. Despite the constant risks, 62 percent of businesses fail to regularly back-up their data, and 40 percent of small and medium-sized businesses never recover from a major data disaster.
Further, there is a push within the sensitive industries to disconnect the most sensitive data from the internet. Physical disconnection ensures security. There are other defensive precautions.
It is incumbent upon all organizations to understand the “state of affairs” in network security. The risks are great and the potential damage significant. The advent of AI and ML has yielded substantial competitive advantages to many companies, but it has opened a Pandora’s box of potential perils as nefarious attackers use these same tools against their targets. While the evolution of AI and ML into cybersecurity defense strategies is encouraging, humans remain the backbone of any sustainable data security strategy.
In their recent piece for the Harvard Business Review, H. James Wilson, Managing Director of Information Technology and Business Research at Accenture Research, and Paul R. Daugherty, Accenture’s Chief Technology and Innovation Officer stress that “Humans need to perform three crucial roles. They must train machines to perform certain tasks; explain the outcomes of those tasks, especially when the results are counterintuitive or controversial; and sustain the responsible use of machines (by, for example, preventing robots from harming humans)."
Through such collaborative intelligence, humans and AI actively complement the other’s strengths. Human exhibit the leadership, teamwork, creativity, and social skills, and machines the speed, scalability, and quantitative capabilities. Business requires both.
AgileIT. (2018). Agile insider blog. Retrieved August 30, 2018, from www.agileit.com/news/protecting-your-data/
Daugherty, P.& Wilson, H. (2018). Collaborative Intelligence: Humans and AI Are Joining Forces. Retrieved August 30, 2018, from https://hbr.org/2018/07/collaborative-intelligence-humans-and-ai-are-joining-forces
Esentire. (n.d.). Your best line of defense. Retrieved August 30, 2018, from www.esentire.com/what-we-do/managed-detection-and-response/
Fruhlinger, J. (2018). What is a cyber attack? Recent examples show disturbing trends. Retrieved August 30, 2018, from www.csoonline.com/article/3237324/cyber-attacks-espionage/what-is-a-cyber-attack-recent-examples-show-disturbing-trends.html
Lahiri, K. (2018). How will artificial intelligence and machine learning impact cybersecurity? Retrieved August 29, 2018, from www.forbes.com/sites/quora/2018/02/15/how-will-artificial-intelligence-and-machine-learning-impact-cyber-security/#345bb04a6147
Martucci, B. (2018). An innovation timeline. Retrieved August 29, 2018, from www.minnesotabusiness.com/ai-innovation-timeline
Mohanty, R. & Vasudevan, V. (2018). AI manager detection and response. Retrieved August 30, 2018, from www.gartner.com/imagesrv/media-products/pdf/paladion/Paladion-1-534YL2H.pdf?submissionGuid=1f5eb787-b70a-4c00-afda-29f3d9c50940
Quora. (n.d.). What are the main differences between artificial intelligence and machine learning? Is machine learning a part of artificial intelligence? Retrieved August 28, 2018, from www.quora.com/What-are-the-main-differences-between-artificial-intelligence-and-machine-learning-Is-machine-learning-a-part-of-artificial-intelligence
Shaikh, F. (2017). Deep learning vs. machine learning – The essential differences you need to know! Retrieved August 29, 2018, from www.analyticsvidhya.com/blog/2017/04/comparison-between-deep-learning-machine-learning/
Urban, T. (2015). The AI revolution: The road to super intelligence. Retrieved August 29, 2018, from www.waitbutwhy.com/2015/01/artificial-intelligence-revolution-1.html
Share This Post