We all know about the boom in artificial intelligence (AI). Over the last few years, AI, machine learning and deep learning have displayed almost unlimited potential to improve and enhance processes, functions and technology across a huge variety of industries and sectors.
“AI will change all jobs once it is in the workflow” – Gina Rometty, CEO, IBM
AI is increasingly common in modern businesses, and new applications for this surge in technology are being found every day. Quicker and better credit scoring for banks, better diagnosis and care in the health sector, and huge improvements in production, engineering and manufacturing – across industry, tech and the business world AI is playing an increasingly significant role.
One area where companies in all sectors and across the globe are under pressure is cyber security. Increasingly sophisticated hackers and continued data breaches, coupled with the sheer amount and sensitivity of data that is now available online, makes this a huge priority.
“If people are running digital businesses in big companies, and even small businesses, the message is you’ve got to assume you’re going to get hit by a cyberattack” – Ben Russell, Head of Cyber Threat Response, National Crime Agency UK
So, the obvious question is, can we harness the power and potential of AI to strengthen our defences and improve our ability to guard against malware and cyber crime?
The answer, unsurprisingly is “of course!”. While there are inevitable issues and caveats, AI has the potential to make a huge difference in a company’s cyber security. We’re going to take a little look at what AI cyber security actually is, what it can be, and how it can help to make business operations safer.
Artificial intelligence is the process of machine learning – allowing machines to learn from experiences and adapt and change as a result of previous outcomes and stimuli. Practically speaking, it means that with enough data, machines can be trained to accomplish complex tasks, and produce human-like responses to situations and issues.
Using AI in cyber security is all about inputting data. Feeding in the huge amounts of data that a business has allows machines to learn what is ‘normal’, and what could be considered a ‘risk’. A huge amount of cyber security, even without AI, is pattern spotting, and AI can therefore significantly enhance a system’s ability to protect itself against attack.
AI is particularly valuable in threat hunting and detection. AI systems can be trained to detect malware and viruses using datasets, algorithms and codes. Feed a system with enough normal data, and the abnormal processes, the threats, stand out. AI performs pattern recognition to detect malicious behaviour, follow links to discover malicious pathways or end sites, and recognise malicious files faster and more effectively than a manual system.
Of course, the nature of cyber security means that the threat changes all the time. AI can use Natural Language Processing to collect data, stay up-to-date and learn about improvements in cyber security. This ability gives an AI system a unique insight into the state of play, and can even be used to make predictions for the future!
AI can reduce the workload for cyber security personnel. Part of the problem of cyber security is the sheer volume of data, and work, that is involved. Even a medium sized business produces an extraordinary amount of information, and an AI system is far better equipped to cope with the workload, and is able to respond more quickly and effectively, than human personnel.
AI can scan fingerprints, retina and palm prints for safer and more effective security.
“I expect that we’re going to see artificial intelligence used by the attackers. It’s going to become A.I. against A.I. It’s going to become a full-on war of algorithms” – Nicole Egan, CEO, Darktrace
Of course, as businesses gear up to face incoming threats, and AI is used more and more in providing cyber security, the nature of the threat changes too. As beneficial as AI can be for defending a system, it can also be used to attack, and an artificial intelligence cyber security system can be particularly vulnerable to such an attack.
Building an AI system requires a large amount of resources, and an enormous amount of data to make it effective.
However, recognising the limitations of artificial intelligence does not mean throwing the baby out with the bath water. All it means is that AI has a way to go before it can become a standalone cyber security system. It can play an extremely important role, however it remains essential to hire experienced cyber security professionals, test systems regularly, update hardware and software, train staff fully and maintain an overview of outgoing traffic.
Artificial intelligence can play a huge part in defending your business from the ever-increasing threat from cyber crime. It is, of course, important to acknowledge and address its vulnerabilities when you do so, and to continue to innovate in your cyber security approach, but AI can keep you competitive in the cyber security arms race!