The Cognitive Era: AI Cyber Security
Updated: Nov 23, 2019
Technology companies and researchers across the world have now set an ambitious goal of developing AI solutions that are not just intelligent in terms of the decision taken, but those that can also learn from the data - more like human beings do. This is done by building an intimate connection between human beings and machines through sensors.
So, what is the Cognitive Era?
Cognitive era is the new generation of computing. Before this, there was the programming era, where powerful computers that could be reprogrammed to solve complex business calculations and other challenges become accessible to most people. The cognitive era is thus evolution of this programming era into a more advanced level where the interaction of these computers and their environment does not necessarily require the intervention of a human operator. It can also be defined as the merger between the vast strengths of computers with the current brilliance of their human operators.
What is AI in cybersecurity?
Artificial Intelligence (AI) in cybersecurity implies the use of technology that can efficiently detect security anomalies in computers or servers. AI identifies patterns that differ from the existing models of behavior. It gives computers capability to detect malicious activities without waiting for human personnel to carry out forensics before determining the threat. In the past ages, malware could remain undetected for months or even years, while continuously harvesting valuable data and generating remarkable revenue to the black hats.
Top 4 cybersecurity challenges
i. Ransomware Evolution
This is the bane of IT, cybersecurity, executives, and data professionals. Hackers attack systems such that the spreading virus can only be eliminated by meeting the intruders’ conditions. In most cases, cybercriminal demands are valued at hundreds of thousands of dollars.
In today’s world of rapidly evolving ransomware, DR strategies used in yesterday's world cannot be an efficient measure against the attacks. Therefore, institutions lose data which they cannot retrieve unless they handsomely pay the cybercriminals. For instances, the case of Norsk Hydro company where they had to pay a ransom of 45 million pounds to attain full recovery from the attack.
ii. IoT Threat
Most people are always online. The majority of people in first world countries have televisions at home, an iPhone in their pocket, tablet in cars and a computer to use at work. With the emergence of the internet of things, it implies that every device you own is connected to one another in one way or the other. For instance, you can remotely order pizza through Alexa. Despite the advantages of all that connections, it also increases consumers’ exposure to cyberattacks. From the past studies, approximately 70 percent of IoT devices have major security vulnerabilities.
iii. Blockchain Revolution
Blockchain is a decentralized and secure record of transactions used cryptocurrencies. It is a distributed ledger technology that can be applied to cybersecurity. For instance, in identity theft management, it focuses on validating that someone is actually the person they are claiming to be. Hackers have taken this advantage to bypass security systems set by organizations. Malicious hackers can create false identity similar to that of C-level executives so as to gain access to valuable digital assets.
iv. AI Expansion
Intelligent systems have proved to be able to defend against incoming cyber-attacks. It is projected that companies are likely to spend close to $2.5 billion on enhancing AI to prevent cyber-attacks. The developments will bring along several benefits as well an increase in exposure levels. Expansion of AI implies that hackers must also be smarter than the white hats.
AI cybersecurity in the Cognitive Era
The state of cybersecurity is at an inflection point with number of events and risks growing exponentially making it difficult for security teams to keep up with the volume of tasks. Threat sophistication and numbers of threat variations is becoming complex day in day out hence making the use of traditional approaches incapable of completely eliminating the threat. AI therefore employs mainly the use of Machine Learning or deep learning to detect threats and to keep up with the rapidly changing threat landscape. AI is the driving force behind the cognitive ability of these modern cybersecurity systems. It has made cybersecurity almost a self-executing system when computers or servers are subjected to compromising situations by malicious hackers.
What are the benefits?
The primary benefits of AI to cybersecurity are centered around quicker analysis and mitigation of threat such as better management of data, enhanced threat detection/preventative measures, behavioral analytics and effective authentication of users. Other business benefits may include;
o Enables more time for security professionals to focus on higher priority or important tasks
o It lowers total expense – utilising computers to do the heavy lifting means the organization can employ less personnel to meet similar level or better outcomes
o Deeper analysis and insight – advanced capabilities using AI-powered technologies to perform complex analytic tasks to provide greater insight into potential threats & vulnerabilities
o Complex authentication which is continuous - Instead of a user being logged out or in, the application continually computes an authentication risk rating which measures the extent of certainty that the one operating the account is the actual owner.
Even as human and computers work towards learning to coordinate in ways that could not be achieved before, more evolution of security capabilities based on intelligent behavior is expected to occur. The future will see systems with the capability to self-protect themselves from cyber-threats hence addressing the agitating need for security in cognitive computing. This may take years to achieve, but the good thing is that the journey has already begun.
About the Author - Liem Nguyen is the Co-Founder & CTO for Cognitive Security , a cyber security firm which specializes in AI-powered cyber security. He has worked for medium/large enterprises and government entities across diverse industry sectors all over the world.
He is passionate about the cognitive era and what AI can bring to cyber security.