Home » Security Bloggers Network » AI in cybersecurity 101

AI in cybersecurity 101

Introduction to AI and cybersecurity

Artificial intelligence (AI) is one of the perennial buzzwords of computer science. For decades, we’ve been promised robots that will take care of our every need, but science hasn’t quite come through.

AI has certainly made some significant strides in some areas, one of which is cybersecurity. Many cybersecurity providers now offer products that leverage artificial intelligence and machine learning (ML) to help with detection and response to cyber threats. Even the U.S. Pentagon has released a strategy to the media, detailing how they plan to leverage AI for prediction and defense against digital and physical threats.

Why is AI entering cybersecurity?

A large portion of the role of a cyberdefender is boring, thankless tasks. Detection of most cyberthreats requires trawling through massive amounts of data, looking for anomalies or indicators of a possible attack. Once a potential threat has been detected, further data analysis is required to identify the details of the attack, the impact of the breach and the effects on the computers. This requires a lot of number-crunching and looking through data for anomalies.

To be honest, humans are awful at this sort of work. Analysts are known to get security alert fatigue, where too many false alarms mean that they miss real ones. We become bored and miss things, and the result is a breach.

Computers, on the other hand, never get bored, and large-scale data analysis and anomaly detection are some of the things that they’re best suited for. The main reason that AI is entering the cyberdomain is that it is a scalable way to ensure the security of the organization. It acts as a magnifier for the efforts of human efforts. By filtering out most of the noise and only bringing the data points most likely to (Read more...)