Views
1 year ago

CSLATEST

predictive analytics

predictive analytics MAGNETIC INFLUENCE ARTIFICIAL INTELLIGENCE (AI) IS EXERTING AN EVER-GREATER INFLUENCE ON OUR SECURITY DECISIONS AND DIRECTION Daniel Driver: AI vastly reduces time to conclude complex investigations. Artificial Intelligence (AI) covers a broad range of technologies, such as artificial neural networks (ANN), machine learning and expert systems. It is likely that a blend of these AI disciplines will be required to ensure that businesses are protected from future sophisticated cyberattacks. Why AI? Mainly because it delivers the ability to identify quickly activity that has been caused by malicious behaviours, regardless of whether it's a new threat, a novel technique or a malicious insider. As this complex scenario is one that organisations are having to face more and more on a daily basis, this is where the future is most likely to reside, security wise. "AI helps to address the need to make decisions based on vast amounts of data, highlighting those important events in amongst the noise," points out Daniel Driver, head of perception cyber security at Chemring Technology Solutions. This is the company that has developed Perception, described as the world's first bio-inspired network security system. "[AI] also enables the correlation of disparate, seemingly benign, indicators that, when combined, present something of interest." Where previously cyber security teams relied on large numbers of analysts to work through disparate data, AI is able to draw conclusions by reasoning over events collected across potentially long periods of time. "This vastly reduces the time to conclude complex investigations and the size of the teams required to complete these tasks," states Driver. "AI also offers alternative ways of approaching a problem - for example, where a sample set of data is too large to process in real time. Instead of randomly choosing a subset of events to look at, Machine Learning can be used to target the events that are the most interesting or anomalous." The AI component provides the support, analogous to the productivity of a team over an individual, offering indications and suggestions that can be accepted or rejected by the user. This feedback loop further builds on the AI components knowledge of historical events and outcomes, leading to more informed decisions in the future. This allows humans to concentrate their effort in the most efficient way possible. "The number of AI disciplines will continue to grow," predicts Driver, "and the challenge will then be to identify which are best suited to a given application. Blended solutions may be used to achieve better results; for example, ANNs can be noisy when used in isolation, but when used in conjunction with other disciplines the noise can be considerably reduced." We may also see advances towards improving the quality of the data presented to the AI component. "Machine learning, for instance, benefits greatly from feature extraction based on solid domain knowledge. It is likely, therefore, that a more collaborative approach is taken in the future between the AI and human components, with the AI component effectively becoming 'one of the team'," he concludes. 20 computing security July/August 2017 @CSMagAndAwards www.computingsecurity.co.uk

750,000,000 IT hours saved 10,000+ Business Protected 605,000 Threats blocked every hour Malwarebytes.com/business