
What is Rate of Learning?
The rate of learning is defined as a hyper-parameter that controls the weights of a neural network with respect to the loss of gradient. It defines how quickly the neural network updates the concepts it has learned. How does SilverSky use the rate of learning and what is Artificial Intelligence’s (AI) role in it? Let’s find out.
SilverSky’s first exposure to the discussion of the rate of learning occurred when collaborating with The Defense Advanced Research Projects Agency (DARPA). Our Chief Artificial Intelligence Scientist, Rich Heimann, provides more insight into this process in his book “Doing AI” explaining how utilizing AI is both complicated and difficult to create, but when applied properly, it is very powerful. The basic concept of the rate of learning problem is that today’s cyber adversaries (bad guys) differ from the past. The bad guys have become more sophisticated, specialized, and organized. Based on their improvements, they have developed sophisticated teams with each one responsible for different aspects of attacking a network, application, etc. They are very similar in this respect to how most companies operate their Information Technology (IT) organization by having specialists for the network and another team for the applications, etc. The bad guys have even gone further by adding teams that focus on extortion, once the intrusion has been successful. The bad guys are no longer bored teenagers but effectively companies that have started up and may or may not be sponsored by other nations that fund them much like Silicon Valley venture capital firms fund their security startups. The entire ecosystem is well-funded, highly specialized, globally integrated, and very sophisticated.
The result is that the ecosystem of defensive cyber resiliency (good guys) has failed to keep pace with the offensive ecosystem of the hacking community. The resources that a company’s security operations organizations use, the training level of the operations teams, and the processes that these teams follow have fallen behind the advancement of the bad guys. If this were to be illustrated, it would reflect bad guys are obtaining new tactics to hack a system at an alarming rate over the good guys. This presents a scenario that as each day goes by the gap between the ability of the bad guys to penetrate and the ability of the good guys to defend gets wider apart.
We as a member of the good guys need to acquire new ways to keep up with this rapidly advancing skill set that the bag bad guys present. We must keep up with the levels of automated processing, machine learning, advanced intelligence, and a well-trained workforce that the bad guys are using to attack our networks and systems every day. As a result of this advanced level of automation, the cost of entry for the bad guys is so low that no business is exempt from the line of fire from small businesses, mid-market businesses, and large enterprises…everyone is fair game these days.
Things that the good guys must focus on:
- Training – our teams must focus on learning more and getting better every day
- Processes – patching, system upgrades, and human processes of internal communication, our teams must be committed to “not let a drop drop”
- Tools – ensuring tools can learn from the data, continually improving with the capability of creating detections on the most obscure indicators to try and decrease the gap with the bad guys. This is where AI can help close the gap
- Coverage – providing detection capabilities that are both broad and deep so that even small anomalies are assessed to make sure they are not part of a larger attack
- Look to partner with others to make sure that you are getting the most out of your security budget. None of us can do it alone
Remember that security tools or even vendors should not be analyzed solely on price or old school minimum “check box” thought processes. You must analyze the depth of the capabilities and the results:
- Do these tools and vendor capabilities possess the ability to protect my organization?
- Can these tools keep up with the advanced sophistication of the bad guys and does the vendor have the determination to want to learn every day and be the best?
- Does my vendor want to be an extension of my IT team and not view us as a “customer” only?
The best way to accomplish the goals above is to make sure that you start with a platform with sophisticated advanced analytics that utilizes AI and Machine Learning (ML) techniques designed specifically to keep up with the rapidly accelerating rate of learning from the bad guys. In addition, you and or your security vendor must have a highly skilled operations team to react immediately and thoroughly when even the most minor indicator of compromise is detected. Look for these characteristics when choosing your tools and vendor. Start with an acknowledgment that the bad guys are learning at a rapid rate. Then look for a plan to keep up with that accelerated learning rate and tools and people that can execute that plan.
SilverSky is capable and ready to provide you with a full assessment and offer services to protect your organization’s assets. Get a demo of our Lightning services and see how we can help.
*** This is a Security Bloggers Network syndicated blog from SilverSky authored by joe-neri. Read the original post at: https://www.silversky.com/blog/what-is-rate-of-learning/