The Problem with Artificial Intelligence in Security

Any notion that AI is going to solve the cyber skills crisis is very wide of the mark. Here’s why.

If you believed everything you read, artificial intelligence (AI) is the savior of cybersecurity. According to Capgemini, 80% of companies are counting on AI to help identify threats and thwart attacks. That’s a big ask to live up to because, in reality, few nonexperts really understand the value of AI to security or whether the technology can effectively address information security’s many potential use cases.

A cynic would call out the proliferation of claims about using AI for what it is — marketing hype. Even the use of the term “AI” is misleading. “Artificial intelligence” makes it sound like the technology has innate generalized intelligence that can tackle different problems. In reality, what you have in most cases is a machine learning (ML) algorithm that has been tuned for a specific task.

The algorithms that are embedded in some security products could, at best, be called narrow (or weak) AI. They perform highly specialized tasks in a single (narrow) field and have been trained on large volumes of data, specific to a single domain. This is a far cry from general (or strong) AI, which is a system that can perform any generalized task and answer questions across multiple domains. We are a long way from those type of solutions hitting the market.

Having a technology that can do only one job is no replacement for a general member of your team. So, any notion that AI is going to solve the cyber skills crisis is very wide of the mark. In fact, these solutions often require more time from security teams — a fact that is often overlooked.

For example, take the case of anomaly detection. It’s really valuable for your security operations center analysts to be able to find any “bad stuff” in your network, and machine learning can be well-suited to this problem. However, an algorithm that finds way more “bad stuff” than you ever did before might not be as good as it sounds. All ML algorithms have a false-positive rate (identifying events as “bad” when they are benign), the value of which is part of a trade-off between various desired behaviors. Therefore, you tend to still need a human to triage these results — and the more “bad” the algorithm finds, the more events there are for your team member to assess.

The point is not that this is a particularly surprising result to anyone familiar with ML — just that it’s not necessarily common knowledge to teams that may wish to employ these solutions, which may lead to inflated expectations of how much time ML may free up for them.

Whereas the example above was about how ML algorithms can be targeted at doing some of the work of a security team directly, algorithms can also be used to assist them indirectly by helping users avoid making mistakes that can pose a risk. This approach is exciting because it starts to look at reducing the number of possible events coming into the funnel — rather than trying to identify and mitigate them at the end when they contribute to a security event. It’s not just solving the most obvious issue that may bring about the desired outcomes in the long term.

The other issue that is easy to overlook when considering ML is that of data. Any ML algorithm can only work when it has enough data to learn from. It takes time to learn; just think, how many Internet cat pictures do you need to show it before it recognizes a cat? How long does the algorithm need to run before the model starts to work? The learning process can take much longer than expected, so security teams need to factor this in. Furthermore, labeled data, which is optimal for some use cases, is in short supply in security. This is another area where getting a “human in the loop” to classify security events and assist in the training of the algorithm can be required.

There is a lot of promise for machine learning to augment tasks that security teams must undertake — as long as the need for both data and subject matter experts are acknowledged. Rather than talking about “AI solving a skill shortage,” we should be thinking of AI as enhancing or assisting with the activities that people are already performing.

So, how can CISOs best take advantage of the latest advances in machine learning, as its usage in security tooling increases, without being taken in by the hype? The key is to come with a very critical eye. Consider in detail what type of impact you want to have by employing ML and where in your overall security process you want this to be. Do you want to find “more bad” or do you want to help prevent user error or one of the other many possible applications?

This choice will point you toward different solutions. You should ensure that the trade-offs of any ML algorithm employed in these solutions are abundantly clear to you, which is possible without needing to understand the finer points of the math under the hood. Finally, you will need to weigh up the benefits of these trade-offs, against the less obvious, potential negative second-order effects on your existing team — for example, more events to triage.

Whichever type of problem you’re hoping to solve, availability of data that is high quality and up to date is absolutely crucial to your success with emerging ML capabilities. Organizations can lay the foundations for this now by investing in security data collection and analysis capabilities and their security team’s data skill sets. The necessity of having security SMEs to interpret machine learning output (whether as part of a formal “human in the loop” solution, or just having analysts triaging results post-processing) is going to continue to be fundamental for the foreseeable future.

 

Original post: https://www.darkreading.com/threat-intelligence/the-problem-with-artificial-intelligence-in-security/a/d-id/1337854

98 comentários em “The Problem with Artificial Intelligence in Security

  1. I’m not sure why but this web site is loading extremely
    slow for me. Is anyone else having this issue or is it
    a problem on my end? I’ll check back later on and see if
    the problem still exists.

  2. Good day! Do you know if they make any plugins to help with Search
    Engine Optimization? I’m trying to get my blog to rank for some targeted keywords but I’m not seeing very
    good success. If you know of any please share.

    Thank you!

  3. When I originally commented I seem to have clicked on the -Notify me when new comments are added- checkbox
    and from now on whenever a comment is added
    I get 4 emails with the same comment. Is there a way you can remove me from that service?

    Thanks!

  4. I am the manager of JustCBD company (justcbdstore.com) and I am currently trying to develop my wholesale side of business. I am hoping someone at targetdomain share some guidance . I considered that the very best way to accomplish this would be to reach out to vape stores and cbd stores. I was hoping if anyone could recommend a trusted web-site where I can purchase CBD Shops Mailing List I am currently considering creativebeartech.com, theeliquidboutique.co.uk and wowitloveithaveit.com. Unsure which one would be the most suitable selection and would appreciate any support on this. Or would it be much simpler for me to scrape my own leads? Suggestions?

  5. I’m the owner of JustCBD Store label (justcbdstore.com) and am planning to broaden my wholesale side of company. I really hope that someone at targetdomain can help me ! I thought that the best way to accomplish this would be to connect to vape stores and cbd retail stores. I was really hoping if anybody at all could recommend a qualified site where I can buy CBD Shops B2B Email Marketing List I am presently examining creativebeartech.com, theeliquidboutique.co.uk and wowitloveithaveit.com. Unsure which one would be the best option and would appreciate any assistance on this. Or would it be simpler for me to scrape my own leads? Ideas?

  6. You’ve made some decent points there. I checked on the web for more info about the issue and found most people will go along with your views on this web site.

  7. I’m amazed, I have to admit. Seldom do I come across a blog that’s both equally educative and interesting, and without a doubt, you have hit the nail on the head. The problem is an issue that not enough men and women are speaking intelligently about. I am very happy that I stumbled across this in my hunt for something regarding this.

  8. Oh my goodness! Amazing article dude! Thanks, However I am going through issues with your RSS. I don’t know the reason why I can’t join it. Is there anybody having similar RSS problems? Anybody who knows the solution will you kindly respond? Thanks!!

  9. The next time I read a blog, Hopefully it won’t fail me as much as this particular one. I mean, I know it was my choice to read through, but I genuinely believed you would probably have something useful to talk about. All I hear is a bunch of moaning about something you can fix if you were not too busy searching for attention.

  10. I’m more than happy to uncover this web site. I need to to thank you for your time for this fantastic read!! I definitely enjoyed every little bit of it and I have you saved to fav to check out new stuff in your site.

  11. You made some really good points there. I checked on the web for more information about the issue and found most people will go along with your views on this site.

  12. Good day! I just would like to give you a huge thumbs up for your excellent information you have here on this post. I will be returning to your blog for more soon.

  13. Aw, this was an exceptionally good post. Taking the time and actual effort to make a superb article… but what can I say… I hesitate a lot and don’t seem to get nearly anything done.

  14. Hi there! This article couldn’t be written much better! Reading through this post reminds me of my previous roommate! He continually kept talking about this. I am going to forward this post to him. Fairly certain he will have a great read. Thank you for sharing!

  15. When I initially commented I appear to have clicked the -Notify me when new comments are added- checkbox and now each time a comment is added I receive four emails with the same comment. There has to be a way you are able to remove me from that service? Thanks!

  16. I’m amazed, I have to admit. Rarely do I encounter a blog that’s both educative and interesting, and let me tell you, you’ve hit the nail on the head. The problem is something which too few people are speaking intelligently about. Now i’m very happy that I stumbled across this during my hunt for something regarding this.

  17. This is the perfect blog for anyone who wants to understand this topic. You understand a whole lot its almost tough to argue with you (not that I personally would want to…HaHa). You definitely put a new spin on a topic which has been written about for years. Excellent stuff, just wonderful!

  18. That is a very good tip particularly to those new to the blogosphere. Short but very accurate info… Appreciate your sharing this one. A must read article!

  19. Having read this I thought it was rather enlightening. I appreciate you spending some time and energy to put this short article together. I once again find myself personally spending a significant amount of time both reading and posting comments. But so what, it was still worth it!

  20. Good post. I learn something new and challenging on sites I stumbleupon every day. It will always be helpful to read through articles from other authors and use a little something from their websites.

  21. Howdy! This post could not be written any better! Going through this article reminds me of my previous roommate! He always kept talking about this. I’ll send this information to him. Pretty sure he’s going to have a very good read. Thanks for sharing!

  22. I’m pretty pleased to find this web site. I need to to thank you for ones time for this particularly wonderful read!! I definitely savored every bit of it and I have you saved to fav to look at new things on your website.

  23. Oh my goodness! Amazing article dude! Thank you so much, However I am experiencing difficulties with your RSS. I don’t know why I am unable to join it. Is there anybody getting identical RSS issues? Anyone who knows the solution will you kindly respond? Thanx!!

  24. I truly love your site.. Pleasant colors & theme. Did you make this web site yourself? Please reply back as I’m attempting to create my very own site and want to know where you got this from or just what the theme is named. Kudos!

  25. Hi, I do believe your site may be having browser compatibility problems. Whenever I take a look at your site in Safari, it looks fine however when opening in IE, it has some overlapping issues. I merely wanted to provide you with a quick heads up! Apart from that, excellent blog!

  26. I’m more than happy to discover this great site. I need to to thank you for ones time due to this wonderful read!! I definitely savored every part of it and I have you bookmarked to see new stuff in your blog.

  27. Hello there! This blog post couldn’t be written much better! Going through this post reminds me of my previous roommate! He always kept preaching about this. I will forward this information to him. Fairly certain he’s going to have a good read. I appreciate you for sharing!

  28. I truly love your website.. Pleasant colors & theme. Did you create this website yourself? Please reply back as I’m hoping to create my own blog and would like to learn where you got this from or what the theme is named. Cheers!

  29. The next time I read a blog, I hope that it doesn’t disappoint me as much as this particular one. After all, I know it was my choice to read, nonetheless I actually thought you would probably have something useful to say. All I hear is a bunch of complaining about something that you could possibly fix if you weren’t too busy seeking attention.

  30. You’re so awesome! I do not suppose I have read through something like this before. So wonderful to discover somebody with a few genuine thoughts on this topic. Seriously.. many thanks for starting this up. This website is something that’s needed on the web, someone with a bit of originality!

  31. I’m impressed, I must say. Seldom do I come across a blog that’s both educative and interesting, and without a doubt, you have hit the nail on the head. The problem is something which not enough folks are speaking intelligently about. I’m very happy that I stumbled across this during my search for something concerning this.

  32. I must thank you for the efforts you’ve put in writing this website. I am hoping to view the same high-grade content from you in the future as well. In fact, your creative writing abilities has inspired me to get my very own website now 😉

  33. This is the right webpage for everyone who wishes to understand this topic. You understand so much its almost hard to argue with you (not that I actually will need to…HaHa). You certainly put a fresh spin on a subject that’s been discussed for decades. Great stuff, just excellent!

  34. I absolutely love your site.. Pleasant colors & theme. Did you create this website yourself? Please reply back as I’m trying to create my own personal site and want to learn where you got this from or exactly what the theme is called. Cheers!

  35. I’m impressed, I must say. Seldom do I encounter a blog that’s equally educative and entertaining, and without a doubt, you have hit the nail on the head. The issue is an issue that not enough men and women are speaking intelligently about. I’m very happy I stumbled across this in my hunt for something relating to this.

  36. Oh my goodness! Incredible article dude! Many thanks, However I am experiencing difficulties with your RSS. I don’t understand the reason why I cannot subscribe to it. Is there anyone else getting identical RSS issues? Anyone that knows the solution will you kindly respond? Thanx!!

  37. Hello there! This blog post could not be written any better! Looking through this article reminds me of my previous roommate! He constantly kept preaching about this. I will send this post to him. Fairly certain he’s going to have a good read. Many thanks for sharing!

  38. Hi there! This blog post couldn’t be written much better! Looking through this post reminds me of my previous roommate! He constantly kept preaching about this. I’ll forward this information to him. Pretty sure he’s going to have a good read. I appreciate you for sharing!

  39. Hi, I think your site could be having browser compatibility problems. When I look at your web site in Safari, it looks fine but when opening in IE, it’s got some overlapping issues. I just wanted to provide you with a quick heads up! Besides that, fantastic blog!

  40. You’ve made some really good points there. I looked on the web for more info about the issue and found most people will go along with your views on this site.

  41. I blog quite often and I seriously thank you for your content. The article has truly peaked my interest. I am going to take a note of your website and keep checking for new details about once per week. I opted in for your Feed too.

  42. Howdy! This blog post couldn’t be written much better! Reading through this post reminds me of my previous roommate! He continually kept preaching about this. I’ll send this article to him. Pretty sure he’s going to have a good read. Thank you for sharing!

  43. After I initially left a comment I appear to have clicked on the -Notify me when new comments are added- checkbox and now every time a comment is added I recieve four emails with the same comment. Is there a means you can remove me from that service? Kudos!

  44. Your style is very unique compared to other folks I’ve read stuff from. Thank you for posting when you’ve got the opportunity, Guess I will just book mark this blog.

  45. Hello there! This article could not be written much better! Looking through this post reminds me of my previous roommate! He constantly kept talking about this. I most certainly will send this article to him. Fairly certain he’ll have a great read. Thank you for sharing!

  46. An impressive share! I’ve just forwarded this onto a co-worker who was doing a little homework on this. And he actually bought me lunch because I discovered it for him… lol. So let me reword this…. Thanks for the meal!! But yeah, thanx for spending some time to talk about this matter here on your website.

  47. This is the right webpage for anybody who really wants to understand this topic. You understand so much its almost hard to argue with you (not that I actually will need to…HaHa). You definitely put a fresh spin on a subject that has been written about for many years. Wonderful stuff, just excellent!

  48. You made some good points there. I looked on the internet for more information about the issue and found most individuals will go along with your views on this web site.

  49. You have made some decent points there. I checked on the internet to learn more about the issue and found most individuals will go along with your views on this site.

  50. Good day! I could have sworn I’ve visited this blog before but after looking at some of the posts I realized it’s new to me. Regardless, I’m definitely happy I stumbled upon it and I’ll be book-marking it and checking back regularly!

Leave a Reply

Your email address will not be published. Required fields are marked *