Partner Perspectives  Connecting marketers to our tech communities.
SPONSORED BY
9/20/2017
03:20 PM
Lee Fisher
Lee Fisher
Partner Perspectives
50%
50%

Artificial Intelligence: Getting the Results You Want

Finding a vendor that doesn't claim to do AI is hard these days. But getting the benefits you need and expect is even harder.

There are many discussions across the security industry today that revolve around the need for companies to leverage artificial intelligence or AI. Finding a vendor that doesn’t claim to do AI is hard – it seems that we all are working at it. 

While it seems like a logical step for the industry to look towards AI, you could also say it is a natural evolutionary step for security teams in order to keep up with the sheer volume and variety of threats that cyber criminals are developing against them. There were 357 million cases of malware attacks in 2016 and that number has grown exponentially over the past five years, according to the 2017 Symantec Internet Security Threat Report. If that trend continues, we could see over 1 billion attacks in a year by 2020.

With such a high number of threats for the security industry to process, AI seems to have become a promised land for the many vendors that are increasingly placing automation and machine learning into their research labs to process and analyze metadata from billions of threats and indicators of compromise from previous attacks. They are undertaking this step in the hope that they can identify malware before it affects their customers. This is a worthwhile endeavor, for sure, but it isn’t going to be enough to defeat malware authors. The industry needs to go beyond simply categorizing threats.

New Approaches and Capabilities
It’s encouraging to know that there are a variety of approaches to AI across the industry. For that reason it's important for researchers to understand the differences between various approaches, their capabilities, and effectiveness.

Artificial Intelligence is broadly defined as machines that are capable of carrying out necessary tasks in a way that humans would consider "smart." Before we have true AI, we have machine learning, and before that, we have deep learning.

Machine Learning is a subset of AI that provides computing systems access to large amounts of data which enables them to "learn" and carry out necessary tasks without having to be explicitly programmed, end-to-end. Based on the quality and quantity of data fed into it, machine learning can make statements, decisions or predictions with an increasing degree of certainty. With the addition of a feedback loop, it can sense or be informed about whether its previous decisions were right or wrong. This loop enables "learning," and can suggest alternative approaches that can be taken in the future. The outcome is a neural network of inputs, connections, probabilities and predictions.

Deep Learning is another subset of AI that supercharges the machine learning process by increasing the layers and the connections while running massive amounts of data through it to "train" it.  The "deep" in deep learning describes all the layers and their interconnections in this neural network.

All three self-learning technologies hold great promise. But the larger issue for organizations is determining how to benefit from one versus the other, and which AI approach will give your security team the results you are after. 

Lee Fisher has been described as a true IT security 'guru'. It is certainly apt: his knowledge and expertise developed over the course of more than 20 years in IT have helped many customers implement a security strategy that not only safeguards their business and information, ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Charlie Miller, Senior Vice President, The Santa Fe Group,  5/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11232
PUBLISHED: 2018-05-18
The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable.
CVE-2017-15855
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, the camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in u...
CVE-2018-3567
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing the HTT_T2H_MSG_TYPE_PEER_MAP or HTT_T2H_MSG_TYPE_PEER_UNMAP messages.
CVE-2018-3568
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, in __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur.
CVE-2018-5827
PUBLISHED: 2018-05-17
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing an extscan hotlist event.