It’s not unreasonable to suggest the cybersecurity battle is being lost – and on more than one front.
Not only are more efficient and organised cybercriminals winning the security arms race against their corporate targets, there’s also a shortage of cybersecurity professionals equipped with the skills required to fight hackers.
Some claim the fight against online crooks will be bolstered not by hiring more people but rather by machines using techniques based around artificial intelligence, machine learning, and deep learning.
This doesn’t mean self-learning machines will be outright replacing cybersecurity professionals, however, but rather augmenting what they’re able to do and taking care of the most basic tasks.
“We’re not talking about any form of general artificial intelligence with cognitive capability, but a narrow AI with machine-learning capabilities,” says Neil Thacker, deputy CISO at Forcepoint. He describes the security company’s aims as “looking to use supervised learning so decision making doesn’t actually require a human to make the decision”.
Currently, cybersecurity operations, for the most part, require a human to spend their time going through alerts of potentially malicious activity — a repetitive and time-consuming process, especially when you consider many will be false alarms.
“That’s the human part, having to sift through lots of data,” Thacker says. “Some of those alerts are benign but require a person to analyse the event itself, look at the potential consequences, and that’s difficult to do”.
And while this is boring for a human analyst, the more it analyses, the more AI can understand malware and fraudulent activity trends, which is something that will help cybersecurity professionals level the playing field in the fight against hackers.
“For cybersecurity, it definitely cuts down on the need for people to go through menial cases that are obvious false positives, because you can get more accurate and only show them things that are either suspected to be fraudulent or anomalies, which help the model learn best,” says Stephen Whitworth, founder and data scientist at Ravelin Technology, a company founded by former Hailo staff, which deploys machine learning for fraud detection.
Ravelin believe that its machine-learning algorithm can do some things better than a person could, as the code is so specialised it can see things a human might miss.
“Machine learning allows you to think about things in a more complicated ways then a human can. If you think about a decision tree, there’s more than 10 chained questions one after the other, and it’s very hard for a human to encode this in their brain, whereas if you can have an algorithm which can do it, then it’s much more efficient and can provide you with results you didn’t have before,” Whitworth says.
While there are a number of companies using machine learning to fight hacking and cybercrime, there are those who are already looking to take the technology even further with the use of deep learning. One of those is Israeli firm Deep Instinct, which lays claim to being the first company to apply deep learning to cybersecurity.
“With traditional machine learning, whenever you apply it, you need to features engineer it, understand the features, then extract them.