When progressive technologies start to deliver on their potential, we can expect a wholesale shift of vendors looking to get on the bandwagon. First the technology enthusiasts and early adopters will come to validate the promises of the newest technology and hone its potential into something viable for the mainstream. Once that is done, the early majority, late adopters and finally, even the skeptics jump in as well.
Finally the time is here for Artificial Intelligence and Machine Learning (AIML) in cyber. There is a widespread move out of the early adopter stage and into the early majority stage of adoption. We need to get onboard if we are going to thwart cybercriminals. The good news is that the industry is recognizing the power and the value of AIML and is finally making investments in this space.
It is difficult not to see the viability of AIML given how visible the technology has become in other mission-critical services as some of its most promising use cases have matured through stages of development to deployment in recent years. For example, the autonomous driving technology Nissan, Ford and Volkswagen by 2022 or the use of diagnostic tools like IBM’s Jeopardy!-winning Watson in hospitals around the US, are highly monitored and anticipated mission-critical use of AIML in respective industries.
However, there are use cases that are making a more dramatic impact than realized, from the deployment of AI in supply chain and warehouse management, as Amazon has already done, to the widespread adoption of automated journalism, with major publications from the Associated Press to the Los Angeles Times relying upon AI to deliver sports journalism, weather updates and even breaking news stories in a far more timely manner than their human counterparts.
How, then, is AI used to deliver such varied use cases across a range of industries? The answer lies in what AIML does best: ingesting mass amounts of data to recognize patterns at a scale beyond human ability. Given this, it makes sense that AI is rapidly being considered and studied within the field of cybersecurity.
Taking it one step further, analyzing the behavior of the user into account is also key when it comes to AI. While anybody can train an AI to detect anomalies, anybody can likewise train an AI to trick such a system. But human behavior is unique to the individual and is very difficult to mimic the human behavior of an individual. When AI is paired with technologies such as machine learning, it deduces simplified models of human behavior that are capable of assessing, even predicting future actions.
How AIML Changes the Game for Bad Guys
It is very complex to mimic the human behavior of an individual. It is machine learning that deduces simplified models of human behavior that are capable of assessing, even predicting future actions.
AIML is already being taken advantage of by the most opportunistic of cyber experts, hackers. Bad actors understand perhaps more than anyone the value in being able to adapt to specific systems at a grand scale. The same AI technologies that empower computers to make guided decisions when say, managing millions of potential outcomes in Go — a game with many more potential variations than chess – also empowers hackers to develop smarter phishing methodology which could alter its messaging based on collected data, allowing the hacker to personalize attacks for a greater chance of success at a much more rapid pace. Once in your system, AI adds another level of risk in the form of Smart malware, which can be taught to sit in a system undetectably until the program deems certain parameters have been met — whether that’s when logging into a given system or even when hearing a predetermined voice-activated trigger. As hackers are enabled to better make their way into protected systems, Role-based access control (RBAC) will no longer be enough.
AIML in Identity Access Management
One huge selling point of AIML is its ability to configure itself to enable smart security tools that — with the inclusion of machine learning, improve over time, adapt to and even anticipate new, unknown situations. None or only little manual setup is therefore required and consequently, the availability of expensive human experts is not a mandatory requirement anymore. Effectively, such capability increases a company’s security level while tremendously cutting costs. We expect and are working towards fully autonomous cybersecurity tools in the near future. Until then, hybrid approaches that incorporate accessible domain knowledge do provide the best compromise to bridge us to safer grounds.
To provide good cybersecurity, CISOs and IT professionals are already forced to assume that their systems are compromised. CISOs must take steps to understand how the abilities of properly scaled AIML can be used to transform the current state of identity access management (IAM) and authentication.
What’s the state of AI in the cybersecurity industry today?
AI is caught between a ‘good vs. bad’ identity battle. Many believe AI can be used to create potential new attack vectors but at the same time, when paired with machine learning, expert systems and behavior modeling this technology can be used to greatly benefit security practitioners. Either way, we need to remove the “noise” around the term AI — the same noise associated with digital transformation, blockchain, zero-trust, etc.