AI Driven Cyber Threat Protection
18th October 2018
Artificial intelligence and machine learning is not a new development – the famous “Turing test” was developed by Alan Turing in 1950 and AI was formally established as an academic discipline in 1956. (Turing proposed the test of a machine’s ability to exhibit intelligent behaviour indistinguishable from that of a human.) In more recent applications, AI has been put forward to address everything from helping diagnose cancer, powering smart chatbots on websites to translating video conferences in real-time, but perhaps the most effective use today is in protect PCs, devices, data, and critical infrastructure. By adding machine learning and predictive analysis is a must to combat the exponential rise in cyber threats.
The emphasis on bringing more AI to the cyber security stack is urgently required as the sheer volume of threats and attacks easily exceeded the capacity of IT security professionals who are already in short supply.
This year, sophisticated malware and ransomware attacks by threats like WannaCry and Petya, have had a devastating impact on victims. Breaches can shut down companies for days and others have paid a huge price to fix the problem or face damage to brand reputations.
Machine learning is the only way to address the millions of security events that occur every day. Visibility of threats is only part of the battle – collating, understanding and responding to these cannot be done by manually. Organisations simply don’t have enough cyber security professionals with the right skills to do the job. In this case, the only viable approach is to prioritise and hope that they address the most dangerous cases.
Unlike traditional endpoint security products that rely on signatures to detect threats. Assuming that all attacks have been seen before, using signatures makes sense, however today’s malware mutates daily, even hourly, making signature-based prevention tools obsolete. AI-driven cyber threat protection uses machine learning – not signatures – to identify and block known and unknown malware from running on endpoints.
Often the mention of AI-based solutions raises the concern that AI will take away jobs and eliminate the need for IT staff which is far from the truth. Wading through millions of security events to identify real threats is the kind of task best suited to a machine.
AI-driven solutions can free people to do the kind of work where humans do better than machines. Next-generation anti-virus protection helps analysts to make better decisions on threat response.