Partner Perspectives  Connecting marketers to our tech communities.
SPONSORED BY
9/20/2017
03:20 PM
Lee Fisher
Lee Fisher
Partner Perspectives
50%
50%

Artificial Intelligence: Getting the Results You Want

Finding a vendor that doesn't claim to do AI is hard these days. But getting the benefits you need and expect is even harder.

There are many discussions across the security industry today that revolve around the need for companies to leverage artificial intelligence or AI. Finding a vendor that doesn’t claim to do AI is hard – it seems that we all are working at it. 

While it seems like a logical step for the industry to look towards AI, you could also say it is a natural evolutionary step for security teams in order to keep up with the sheer volume and variety of threats that cyber criminals are developing against them. There were 357 million cases of malware attacks in 2016 and that number has grown exponentially over the past five years, according to the 2017 Symantec Internet Security Threat Report. If that trend continues, we could see over 1 billion attacks in a year by 2020.

With such a high number of threats for the security industry to process, AI seems to have become a promised land for the many vendors that are increasingly placing automation and machine learning into their research labs to process and analyze metadata from billions of threats and indicators of compromise from previous attacks. They are undertaking this step in the hope that they can identify malware before it affects their customers. This is a worthwhile endeavor, for sure, but it isn’t going to be enough to defeat malware authors. The industry needs to go beyond simply categorizing threats.

New Approaches and Capabilities
It’s encouraging to know that there are a variety of approaches to AI across the industry. For that reason it's important for researchers to understand the differences between various approaches, their capabilities, and effectiveness.

Artificial Intelligence is broadly defined as machines that are capable of carrying out necessary tasks in a way that humans would consider "smart." Before we have true AI, we have machine learning, and before that, we have deep learning.

Machine Learning is a subset of AI that provides computing systems access to large amounts of data which enables them to "learn" and carry out necessary tasks without having to be explicitly programmed, end-to-end. Based on the quality and quantity of data fed into it, machine learning can make statements, decisions or predictions with an increasing degree of certainty. With the addition of a feedback loop, it can sense or be informed about whether its previous decisions were right or wrong. This loop enables "learning," and can suggest alternative approaches that can be taken in the future. The outcome is a neural network of inputs, connections, probabilities and predictions.

Deep Learning is another subset of AI that supercharges the machine learning process by increasing the layers and the connections while running massive amounts of data through it to "train" it.  The "deep" in deep learning describes all the layers and their interconnections in this neural network.

All three self-learning technologies hold great promise. But the larger issue for organizations is determining how to benefit from one versus the other, and which AI approach will give your security team the results you are after. 

Lee Fisher has been described as a true IT security 'guru'. It is certainly apt: his knowledge and expertise developed over the course of more than 20 years in IT have helped many customers implement a security strategy that not only safeguards their business and information, ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Cybersecurity's 'Broken' Hiring Process
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/11/2017
How Systematic Lying Can Improve Your Security
Lance Cottrell, Chief Scientist, Ntrepid,  10/11/2017
Ransomware Grabs Headlines but BEC May Be a Bigger Threat
Marc Wilczek, Digital Strategist & CIO Advisor,  10/12/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.