Operations
12/12/2016
11:55 AM
Rutrell Yasin
Rutrell Yasin
Slideshows
Connect Directly
Twitter
RSS
E-Mail
50%
50%

5 Things Security Pros Need To Know About Machine Learning

Experts share best practices for data integrity, pattern recognition and computing power to help enterprises get the most out of machine learning-based technology for cybersecurity.
Previous
1 of 6
Next

The concept of machine learning has been around for decades. Machine Learning (ML) is a type of artificial intelligence (AI) that provides computers with the ability to learn without being explicitly programmed.

Industries and government agencies working with large amounts of data are using machine learning technology to glean insights from this data in real time. Financial institutions use the technology to identify investment opportunities and fraud. Utility companies use the technology to analyze sensor data to increase efficiency and save money. Healthcare practitioners are using the technology to identify trends that could improve diagnoses and patient treatment.

And, cybersecurity experts, inundated by reams of data generated by multiple information technology systems, security tools, networks, and other devices are deploying machine learning technology to detect and thwart internal and external cyber-attacks and threats.

“Machine learning helps humans be more efficient by [aggregating and analyzing] vast amounts of data. It’s not just the volume, but also the scope of data; more data at the same time and more facets of data at the same time,” says Sven Krasser, chief scientist at Crowdstrike, a developer of machine learning-based endpoint security tools.

“One of the big game changers is the emergence of cloud computing,” he says.  By using cloud-based infrastructures, security experts can aggregate more data from vast amounts of resources than ever before.” Traditional techniques where analysts sift through data in some manual fashion to generate rule sets doesn’t work well in today’s dynamically-changing threat environment, Krasser says.

System, sensors, and other networked-devices are generating so much data that it is increasingly difficult for human analysts to find those tidbits – the abnormalities and or patterns – that might give them the insights needed to identify an attack or potential threat, says Matt Wolff, chief data scientist with Cylance, a developer of endpoint security tools based on machine learning technology.

“So, machine learning is an excellent tool and the right approach to take when you have a data intensive problem that you want to solve,” Wolff says.

Industry executives and government agency officials are looking for ways to combat sophisticated attacks and relentless cyber adversaries while coping with a shortage of talented information security professionals. Machine learning-based security tools are yet another technology that they can add to their cyber arsenal.

DarkReading spoke with cybersecurity experts from CrowdStrike, Cylance, Darktrace, and IDC security researcher Peter Lindstrom to get a better sense of what organizations need to know about applying machine learning-based technology for cybersecurity in their organizations.

 

Rutrell Yasin has more than 30 years of experience writing about the application of information technology in business and government. View Full Bio

Previous
1 of 6
Next
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
gopinathmohan861
50%
50%
gopinathmohan861,
User Rank: Apprentice
12/14/2016 | 10:11:16 AM
Machine Learning - Useful points
First of all, a big thanks for the article. The informations (5 security pros) mentioned in this article very useful. As AI and ML is going to rule future world, we need to consider these security pros.
JonKim
50%
50%
JonKim,
User Rank: Author
12/15/2016 | 3:02:27 PM
Insightful
Insightful, thank you for sharing.
Printers: The Weak Link in Enterprise Security
Kelly Sheridan, Associate Editor, Dark Reading,  10/16/2017
20 Questions to Ask Yourself before Giving a Security Conference Talk
Joshua Goldfarb, Co-founder & Chief Product Officer, IDDRA,  10/16/2017
Why Security Leaders Can't Afford to Be Just 'Left-Brained'
Bill Bradley, SVP, Cyber Engineering and Technical Services, CenturyLink,  10/17/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
The State of Ransomware
The State of Ransomware
Ransomware has become one of the most prevalent new cybersecurity threats faced by today's enterprises. This new report from Dark Reading includes feedback from IT and IT security professionals about their organization's ransomware experiences, defense plans, and malware challenges. Find out what they had to say!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.