Information Security

Defending the digital infrastructure

Graeme Dawes - Fotolia

AI or not, machine learning in cybersecurity advances

As more companies promote machine learning and artificial intelligence technologies, chief information security officers need to ask some tough questions to get past the hype.

The logic around artificial intelligence is fuzzy. Some people might argue that the heuristic algorithms used in antivirus to recognize potential threats are artificial intelligence. Others got a glimmer of hope -- outside of the security field -- with the landmark success of AlphaGo. In 2016, the DeepMind software won four out of five matches of the complex Chinese Go board game when it out-strategized top professional player Lee Sedol. The win astounded viewers and saved Alphabet Group, which acquired the London-based DeepMind in 2014, a million dollars of prize money.

While cognitive advances are clearly being made in numerous industries, information security -- which is in dire need of help -- remains a complex challenge. As companies promote AI and advanced machine learning in cybersecurity, CISOs need to ask some tough questions to get past the hype: Are these technologies bolted on to get investments as well as customers, or are they core to an innovative security platform that solves a business problem (too many alerts to efficiently monitor)? Is the company's expertise in machine learning and AI or information security?

The excitement and promise of machine learning in cybersecurity is there. But data scientists are in high demand and are hard to find. Qualified researchers who study artificial intelligence usually have some combination of computer science, cognitive psychology and engineering experience. Outside of top universities -- like the MIT Robotics Lab -- and fields such as defense or specialized computer programming, their numbers are probably in the hundreds.

Advances in machine learning and security can help in areas such as antimalware, dynamic risk analysis and anomaly detection, found Robert Lemos, who reports on machine learning in cybersecurity in this month's cover story. The technology is really good at "crunching through data," Joseph Blankenship, senior analyst for security and risk at Forrester Research, tells Lemos. But automation, speed and accuracy (decision-making) are areas where more work is needed.

Also in this issue, we talk to John Masserini, CSO of the U.S. equities trading exchange MIAX Options, about his information security strategy in an environment where disruption is calamitous. Marcus Ranum continues his "How did you get here?" series with Diana Kelley, executive security advisor for IBM. Senior Reporter Michael Heller looks at a new form of ransomware that may take extortionware to another level. 

Article 4 of 6

Next Steps

Big data and IoT: What is the reality of AI?

Project 101: Learn the basics of machine learning

Advanced machine learning in network security

Dig Deeper on Security analytics and automation