It doesn’t take an expert to tell you that the cybersecurity war isn’t going well. You can just follow the money. Gartner predicts that by the end of 2018, security spending will have grown by 8% compared to 2017, a year that saw security budgets reach a historic high. It would be better if this spending had lead to a decline in security breaches, that doesn’t appear to be the case. In the estimation of Cybersecurity Ventures, in 2018 ransomware alone will cost enterprises $11.5 billion Ouch.
How can this trend be reversed? Clearly not with money alone. Along with more regulation and education, bigger changes are required.
That change is coming in the form of Artificial Intelligence and Machine Learning (AI/ML) security solutions, such as IBM QRadar Advisor with Watson. They represent a paradigm shift in cybersecurity, and perhaps the beginning of a more positive era.
Closing the Skills Gap
A big part of the depressing news about cybersecurity comes down to the skills gap. There are more malicious actors and fewer qualified professionals to fight them. The scale of this issue is staggering. 51% of respondents to a 2018 survey by ESG said their organization’s security skills were insufficient.
This is partially due to an asymmetry in the difficulty of launching an attack and remedying it. It’s easier to blow up a building than build a new one. The logic is the same in cybersecurity. The advent of polymorphic malware means it’s easy to launch evolving, sophisticated attacks. However, stopping these attacks, and reversing their effects, requires detailed knowledge that’s difficult for even the most dedicated in-house security teams to assimilate.
AI/ML can step in by assimilating the knowledge for them. A big part of Watson’s feature set involves natural language processing, which has been unleashed on security research. Watson synthesizes thousands of security-related blog posts, research papers, and other publications. The resulting information can be brought to bear on security analysis in real time. As a result, the innovations of security researchers from around the world are connected—all the good guys can become one big brain.
Security experts aren’t the only element of security hygiene, of course. Good security relies on the day-to-day practices of all employees at an organization. Identifying the hallmarks of a phishing attack and establishing strong passwords can make all the difference.
According to LastPass, a lot of organizations are falling behind in this area. Their 2018 report shows that even organizations using their services—the most conscientious of organizations, in other words—are lagging behind, with an average score of 52%, where 100% represents the use of fully robust password practices.
What contributes to this problem? Overstretched security staff, for one thing. If security teams are spending all their time on malware analysis, they don’t have time to educate staff about adequate password skills and implement better authentication systems. Therefore, any tool that speeds up an analyst’s job can lead to better security in other areas of the organization.
Some Watson clients have seen a 50% decrease in threat analysis times. That’s a huge amount of time saved, during which analysts, rescued from constantly putting out fires, can put more time into fireproofing.
None of this means that the cybersecurity war is over. One alarming thing about the AI/ML era is that this technology isn’t restricted to white hat hackers. It’s likely that security teams are going to see new threats driven by AI/ML. It’s also possible that hackers will devise threats specifically designed to mess up AI/ML systems.
No matter what threats emerge, Watson will be there to make sure that analysts have every piece of relevant data at their disposal. It will continue to absorb all the latest research, transforming the positive work of smart individuals into a worldwide hive mind. Malicious actors won’t have an easy time.
Learn more about what Watson can do at our AI Hub.