Gemalto’s Breach Level Index tracks cybersecurity challenges — and they are massive:
- Every day, 6.3 million records are hacked.
- That’s 261,012 stolen every hour.
- By the minute, it’s more than 4,300.
- Or, 73 records hacked every second around the world.
Our efforts to parry these threats are becoming more sophisticated. New digital technologies leverage the hyperspeeds found in computer processors. We’re harnessing old technologies such as the algorithms within artificial intelligence (AI) to improve corporate security and thwart the latest hacker threats.
But consider this important point: When the good guys get a new tool, the bad guys do, too. This fact almost ensures that machine learning (ML) will work its way into the constant back and forth between cyberterrorists and technology security teams.
One tool that we’re increasingly seeing on both sides of the battlefield is ML.
Understanding machine learning
While you’ve probably been hearing a lot of buzz around AI, true AI doesn’t exist quite yet. What does exist are a variety of mathematical algorithms that allow computers to use predictive analysis to respond more intelligently to user interactions.
TechEmergence defines ML as “the science of getting computers to learn and act like humans do, and improve their learning over time in autonomous fashion, by feeding them data and information in the form of observations and real-world interactions.”
ML culls data from past activities and uses it to provide a more accurate response. This is partially how your Siri or Alexa interacts with you one-on-one. An important distinction of this computer code is that it is self-replicating — the computer automates these activities, acting independently without being programmed. ML is used today to improve corporate processes such as automating responses to job applicants and improving inventory management.
But the implication for automating “learning” into our machines affects both IT security teams and the hackers threatening our data.
Cybersecurity as machine vs. machine
Today we’re building smarter machines that can process data faster than a human. That’s why it makes sense to use ML to up the ante against cyberterrorism. ML can help corporations respond with better threat intelligence data and faster security response. While current security software can help companies catch the “loud and stupid” data breach, ML holds the potential to cull metadata faster and automate our efforts to search for anomalies in the network.
This means the future state of cyberwarfare will include:
Hackers that use ML to increase the speed and volatility of cyberattacks. ML will shift the attack as the malware “learns.” Security-driven ML will be necessary to keep up with these attacks.
ML can identify trends faster and give security teams actionable insight that can save a network from breach.ML algorithms can be used by criminals to automate their attacks and by security teams to automate the examination of large reams of data to predict if a file is malicious. While this “war of the machines” holds real promise for thwarting cyberterrorism, there are some drawbacks to the approach.
Machine learning’s drawbacks
ML has huge potential for automating faster responses to network security management. But will humans become obsolete in this process? The answer is “no,” because computers’ algorithms are only as good as the data we feed them. ML is not infallible because the people programming computers cannot mitigate all risk.
ML requires a leap of faith to trust the algorithm, which may or may not get the job done. While machines can process data faster than humans, they simply aren’t bulletproof. ML can process the data, but machines can’t — yet — determine how we should respond.
Cybersecurity is all about balancing the right data with a timely response. That’s why an organization armed with human security teams and ML automation makes the most sense for mitigating risks in real time. Together, human and ML algorithms will help identify future threat vectors and determine the appropriate response to the ever-changing cybersecurity threat.
Contact me at firstname.lastname@example.org to discuss how creating a robust cybersecurity framework will mitigate future risks to your business.