Whether we are aware or not, cyber-attacks are increasingly part of our daily lives, with global, headline-grabbing ransomware attacks which utilized ‘WannaCry’ (May 2017) and ‘Petya’ (June 2017) being only the tip of the iceberg. Just for last month Symantec reported the highest global spam rate (55.3 percent) since March 2015, besides elevated web attack activity and increased email malware rate. In this situation, turning to artificial intelligence seems like a rational next step to enhance cybersecurity but it is actually far from the perfect solution.
The heart of the problem lies in the fact that artificial intelligence (AI) can be wielded by both the cyber attackers and everyone else on the other team. Hence, while IT professionals use AI to automate and augment manual tasks (e.g. screen security incident logs), analyse data as well as look for anomalies which may hint at a threat, hackers could apply the same technology to process stolen consumer big data, enabling them to quickly identify and target the next victims. Without doubt, cyber criminals are turning machine learning (ML) to their advantage, whereas security experts wrestle with the drawbacks of current solutions (e.g. ML algorithms might have difficulties when handling data with many overlapping point or abstract and unclear data points.)
Another aspect of the situation is that most AI systems require human expertise, at the very least to manage exceptions which leads us to the next obstacle: the global shortage of cybersecurity professionals. Frost & Sullivan forecasted more than 1.5 million unfilled positions in the field by 2020, despite rising salaries, increased budgets, high job satisfaction rates and low changes in employment status. Clearly, organisations must reconsider their workforce strategy, review their talent management practices and adjust their recruiting and hiring efforts accordingly.
Nonetheless, the outlook of AI in cybersecurity is bright, considering the advancement in unsupervised learning and continuous retaining. Additionally, smart technologies such as biometric authentication and user behaviour analysis promise to cover a broad set of attack vectors, further enhancing AI-powered threat detection and mitigation.
Sources:
Symantec Security Response: Monthly Threat Report, https://www.symantec.com/security_response/publications/monthlythreatreport.jsp (Accessed: 2017/09/13)
Juliette Rizkallah: Is Cybersecurity A Second Coming For AI? https://www.forbes.com/sites/forbestechcouncil/2017/05/23/is-cybersecurity-a-second-coming-for-ai/#617606b7c400 (Accessed: 2017/09/13)
Simon Crosby: Separating Fact From Fiction: The Role Of Artificial Intelligence In Cybersecurity, https://www.forbes.com/sites/forbestechcouncil/2017/08/21/separating-fact-from-fiction-the-role-of-artificial-intelligence-in-cybersecurity/3/#572c3c392516 (Accessed: 2017/09/13)
Julie Peeler: Study: Workforce Shortfall Due To Hiring Difficulties Despite Rising Salaries, Increased Budgets And High Job Satisfaction Rate,
http://blog.isc2.org/isc2_blog/2015/04/isc-study-workforce-shortfall-due-to-hiring-difficulties-despite-rising-salaries-increased-budgets-a.html (Accessed: 2017/09/13)
