Back

 Industry News Details

 
Not All AI Is Created Equal Posted on : Dec 09 - 2019

For CISOs looking to leverage the latest and most effective defenses against increasingly relentless cyber adversaries, implementing artificial intelligence and machine learning solutions can feel like the moment when evidence in a crime scene is revealed by a black light. Suddenly, the great lengths taken to conceal criminal activity can be detected and eliminated — in real time.

Without a deeper understanding of the role AI can play in a security strategy, however, it is all too easy to fall into the trap of seeing it as a magical security solution.

Not only will this severely limit the very real benefits that AI offers, but it will also make CISOs and their organizations more susceptible to overvaluing their AI in a way that makes them less safe. Similarly, organizations could easily overinvest in an AI that doesn’t really provide the security benefits they think they are receiving. This is not to say that AI is a trend or fad. It is not. When set up correctly, AI is an extremely powerful, and increasingly necessary, technology.

Ask the cybercriminals already using it.

Artificial Intelligence And Cybercrime

Just as the most sophisticated thief is aware of the latest forensic techniques, cybercriminals are using AI to improve and advance their efforts.

Rather than relying on generic, open-ended phishing messages, for instance, criminals are now utilizing AI to analyze a target’s writing style and social media communications. The result is deceptive messaging that is almost indistinguishable from authentic communication. And it is not just the written word. Using AI, threat actors have even managed to mimic the sound of a CEO’s speaking voice to trick unsuspecting employees into sending out unauthorized payments.

Machine learning and deep learning have already been used to find vulnerabilities in source and compiled code, as demonstrated in a Cyber Grand Challenge sponsored by DARPA. Similarly, cyber reasoning systems (CRS) are designed to automatically find and exploit vulnerabilities in complex software. New solutions, like the Central Exploit Organizer (CEO), also use machine learning to predict the relative effectiveness of a given vulnerability detection tool to improve its effectiveness at compromising a system.

Eventually, AI-enhanced malware will be able to learn a network’s dominant communication channels in order to traverse an environment while also blending into the digital environment -- learning the vulnerabilities, best points of access and highest-value targets while it moves across the network under the radar.

The Three Elements Of AI

As a result, CISOs rightly recognize the need to scale up their solutions to match their cyber-adversaries’ tactics and technologies. The mistake they often make, though, is assuming that anything labeled as “AI-enhanced” is going to provide the protection they need. View More