There’s every chance you have heard about Artificial Intelligence (AI) and how it is going to revolutionize our lives and industries in unprecedented ways. According to the World Economic Forum Statistics, AI is likely to take over 75 million jobs by 2022 while creating a fresh 133 million jobs.
Juniper statistics estimate that AI systems such as chatbots, computer programs that can simulate conversations with humans, could save businesses a whopping $8 billion per annum by 2022.
But what exactly is Artificial Intelligence?
Could it be the answer to the ever-growing and dynamic cyber threats organizations are constantly facing, often in real-time? Should security professionals be worried that intelligent systems powered by AI will outperform and ultimately take over their jobs?
Simply put, Artificial Intelligence is the ability of a computer or computer program to think and learn. According to the Turing Test, named after its founder, a computer possesses Artificial Intelligence if it can mimic human responses under specific conditions. At its core, AI tries to instil human intelligence into machines to enable them to perform tasks that would otherwise require human intellect.
These machines rely on AI algorithms, well-defined steps for problem-solving, that enable them to categorize, analyze and make predictions from data to accomplish specific tasks. As the machines act and learn from the data, they become better at fulfilling these tasks. AI can fall into two broad categories, weak AI and strong AI. Strong AI uses complex algorithms to enable it to act in different situations while weak AI is simply pre-programmed by a human.
The term Artificial Intelligence is not new
The invention of the electronic computer in 1941, as well as the stored-program computer in 1949, set the ball rolling for AI Research. Nobert Wiener’s theory that intelligent behaviour resulted from feedback that could subsequently be incorporated into machines as well as the development of the logic theorist, widely considered as the first AI program, by Simon and Newell in 1955 heavily influenced this domAIn.
It was not until 1956, however, that John McCarthy, widely considered the father of AI, coined the term Artificial Intelligence. AI has since evolved, from the IBM Watson machine that was able to play chess and beat the world champion in 2011 to present-day programs such as NetFlix that use customer data to provide highly accurate film recommendations to their customers.
Just like other industries, cybersecurity is increasingly relying on Artificial Intelligence. As a field, cybersecurity AIms to protect computer systems, networks as well as information they contAIn from getting damaged or stolen. To accomplish this, cybersecurity professionals rely on a wide array of tools, including network security monitoring tools that provide visibility into networks and generate alerts on suspicious activities.
These tools are relying on AI technology more than ever to analyze millions of events that are generated to identify threats to organizations in real-time. For instance, by leveraging neural networks, security monitoring tools can study and build a picture of a user in an organization over time such that any behaviour out of the ordinary by that user gets flagged, investigated as well as remediated in a timely manner.
The Rare Events!
Some of the unusual events could include clicking on suspicious links from emAIls; stopping such events could immediately prevent phishing before credentials can be harvested for instance.
AI’s application in security goes beyond unearthing anomalies, however. By using machine learning and deep learning, both subsets of AI, anti-malware programs can stop malware right on its tracks.
By drawing upon huge databases of malware, anti-malware programs can examine code and determine either existing, modified or new malware programs and stop them before they can infiltrate an organization’s network. In late 2019, Cylance was able to leverage machine learning to discover and protect users from malware disguised as audio files.
Why Do You Need Artificial Intelligence?
A huge reason why security is relying on Artificial Intelligence is AI’s ability to identify and remediate threats in real-time. While it is impossible for humans to monitor everything across the network all the time, AI systems can effectively use data from previous incidents to classify threats and take appropriate action.
For example, using a database of malicious IPs, AI systems can instantly detect malicious traffic from a malicious IP address and block it immediately. With its ability to adapt and learn, AI makes it possible to understand the impact of actions and intelligently respond in real-time.
Evidently, Artificial Intelligence in cybersecurity is not just another science fiction script; it has huge benefits that can enable organizations to identify and respond to dynamic threats in real-time. However, organizations should not think that AI will solve all their security challenges. In fact, over-reliance on AI could arguably give organizations a false sense of security and further expose their digital resources to attacks.
Therefore, there is a need to strike a balance between leveraging AI’s ability to instantly identify threats with human action including filtering out false positives as well as blocking malicious hosts for better security.
AI Taking Over!
Should security professionals be worried that AI will eventually take over their jobs? Yes and no. Organizations are constantly trying to minimize costs while increasing productivity. By leveraging AI technologies, companies will be able to significantly reduce their technical teams while becoming more effective. However, they still need to bring in more skilled personnel that can provision and utilize these tools in ways that will improve their security postures.
Furthermore, human decisions are still required when it comes to triaging and investigating security events. Therefore, security professionals should keep upskilling and making constant efforts to understand how AI tools can be used to further improve the security postures of their organizations.