Intelligence and the Impact of Machine Learning on Cybersecurity

Artificial intelligence (“AI”) and machine learning (“ML”) are two over-hyped terms, but when advanced software can pull patterns from large data sets, human intelligence can make better decisions faster than ever before. The impact on security professionals is profound in that they recognize the promises, but more so, the perils, of AI, and this is driving companies to invest in outsourced security help. 

Human intelligence, augmented by the right software and powerful computing, is the real breakthrough in cybersecurity. AI and ML are not ex machina stand-alone defenses; they require human assistance to be effective. Before delving into the impact of AI on Cybersecurity further, it is helpful to define the terminology and review the history of AI from conceptualization to present day.

The Differences between Artificial Intelligence, Machine Learning and Deep Learning

AI is the science of developing a system or software to emulate human cognition by enabling computers to learn and adapt through experience and patterns, rather than inference (Martucci, 2018; Quora, n.d.). ML is but one approach to AI that uses self-learning algorithms and, though currently the most popular type of AI, others like rules-based systems, such as autonomous vehicles, predominate in technology. (Quora, n.d.).  

A seemingly related term emerging in the last two or three years is “deep learning.” The difference between “deep learning” and ML is the reliability of the results as the scale of data increases. Deep learning algorithms don’t perform well when the data set is small. Those algorithms require a large amount of data to understand it perfectly (Shaikh, 2017). As Kris Lahiri, Chief Security Officer for Egnyte, explains, “Today, deep learning advancements in machine learning allow machines to teach themselves how to build models for pattern recognition (rather than relying on humans to build them)” (2018). 

Evolution of AI and the Law of Accelerating Returns

In 1956, MIT scientist, Marvin Minsky, first named and conceptualized AI. Pioneers like Google, Amazon and Facebook began to use scalable big data frameworks to effectively collect, scrub, organize and analyze their consumer data from millions of users. By “open-sourcing” this behavioral data, these organizations discovered that businesses could derive tremendous value from Internet searches, product recommendations and newsfeeds (Lahiri, 2018). For anyone who has made online purchases or conducted Internet searches for a few years, the evolution of ML is apparent when, for example, products the user views on one vendor website later appear as banners on other sites. 

While it is certain that AI will continue to evolve and be an important topic, many business and technology leaders argue that it is THE most important topic (Urban, 2015). Considering the promises and perils of AI, and the escalating rate of human progress, it is likely to remain so for the foreseeable future. 

Noted futurist and author, Ray Kurzweil, wrote about the pace of change within the context of what he calls Law of Accelerating Returns. The law is simple, yet profound: more advanced societies can progress at a faster rate than less advanced societies precisely because they are more advanced (Urban, 2015). Kurzweil suggests that the advancements of the 20th century would have occurred in 20 years had they begun in the year 2000, maintaining that the rate of progress in 2000 was five times faster than in the entire 20^th century. In fact, he believes a 20th century’s worth of progress eventually will happen in less than one month, thus attaining a rate of progress 1,000 times that of the 20th century (2015).

Cyberattacks and the Impact of ML

Generally, there are two broad types of cyberattacks. The first seeks to disable the target computer or knock it offline; the second seeks get access to the target computer's data and, possibly, gain administrative privileges. Recent techniques attackers use to achieve those goals include:

• Malicious software (malware) that, when downloaded to a target computer, can pilfer data to encrypt files and demand ransom.
• Phishing emails that appear to be “legitimate,” but cause victims to give up passwords or taking some other harmful action.
• Denial of service attacks, which overwhelm a web server with bogus traffic.
• Man-in-the-middle attacks, which fool the target computer into joining a compromised network (Fruhlinger, 2018). 

The evolution of ML has multiple implications for both the attackers and defenders of a network. Increasingly sophisticated hackers are using ML to find vulnerabilities that were invisible before. 2017's cyberattacks caused $5 billion worth of damage, a fifteen-fold increase from 2015. Experts estimate cyberattack damage to be $6 trillion from 2018-2021, and that the industry is going to need 3.5 million new cybersecurity workers to clean up the mess (Fruhlinger, 2018). Worse yet, attackers are deploying AI, too. allowing them to learn the targeted systems and identify vulnerabilities on the fly. See this recent article in CSO magazine for a summary of recent cyberattacks. 

Cyber Security Response

Defensive security controls like firewalls and anti-virus are not enough to cope with current cyber threats (Esentire, n.d.). Realizing this, security professionals are using ML software to find patterns in attacks. AI can automate complex processes for detecting and responding to attacks. Data deception technology products can automatically identify, analyze, and defend against advanced attacks by proactively detecting and tricking attackers. This technology, which is becoming more and more sophisticated as usage increases, provides a competitive edge to defenders (Lihiri, 2018).

And if all of this seems overwhelming and complex, it is. Companies of all sizes are turning to firms that specialize in managed detection and response (“MDR”) to bolster network security.  MDR providers leverage host and network technologies at the host and network layers to collect security event and contextual data and investigate incidents. These technologies are expensive and difficult to find for many organizations, which accounts for the rising popularity for MDR as a service (Mohanty & Vasudevan, 2018). For more information about MDR, including insights from Gartner check out this this report.   

Another critical defensive measure is data backups. Backups can be automated, and when these backups occur in the cloud, or when sensitive information is stored in a secure cloud location, the chances of making it through a major disaster in relatively good shape increase significantly. Despite the constant risks, 62 percent of businesses fail to regularly backup their data, and 40 percent of small and medium-sized businesses never recover from a major data disaster (AgileIT, 2018).

Further, there is a push within industries to disconnect the most sensitive data from the internet. Physical disconnection ensures security. There are other defensive precautions. A good list of network security measures can be found in this article.

Insight

It is incumbent upon all organizations to understand the “state of affairs” in network security. The risks are great and the potential damage significant. The advent of AI and ML has yielded substantial competitive advantages to many companies, but it has opened a Pandora’s box of potential perils as nefarious attackers use these same tools against their targets. While the evolution of AI and ML into cyber security defense strategies is encouraging, humans remain the backbone of any sustainable data security strategy.

In their recent piece for the Harvard Business Review, H. James Wilson, Managing Director of Information Technology and Business Research at Accenture Research, and Paul R. Daugherty, Accenture’s Chief Technology and Innovation Officer stress that   “Humans need to perform three crucial roles. They must train machines to perform certain tasks; explain the outcomes of those tasks, especially when the results are counterintuitive or controversial; and sustain the responsible use of machines (by, for example, preventing robots from harming humans)” (2018).

Through such collaborative intelligence, humans and AI actively complement the other’s strengths. Human exhibit the leadership, teamwork, creativity, and social skills, and machines the speed, scalability, and quantitative capabilities. Business requires both.

References

• AgileIT. (2018). Agile insider blog. Retrieved August 30, 2018, from www.agileit.com/news/protecting-your-data/ 
• Daugherty, P.& Wilson, H. (2018). Collaborative Intelligence: Humans and AI Are Joining Forces. Retrieved August 30, 2018, from https://hbr.org/2018/07/collaborative-intelligence-humans-and-ai-are-joining-forces
• Esentire. (n.d.). Your best line of defense. Retrieved August 30, 2018, from www.esentire.com/what-we-do/managed-detection-and-response/
• Fruhlinger, J. (2018). What is a cyber attack? Recent examples show disturbing trends. Retrieved August 30, 2018, from www.csoonline.com/article/3237324/cyber-attacks-espionage/what-is-a-cyber-attack-recent-examples-show-disturbing-trends.html 
• Lahiri, K. (2018). How will artificial intelligence and machine learning impact cybersecurity? Retrieved August 29, 2018, from  www.forbes.com/sites/quora/2018/02/15/how-will-artificial-intelligence-and-machine-learning-impact-cyber-security/#345bb04a6147
• Martucci, B. (2018). An innovation timeline. Retrieved August 29, 2018, from www.minnesotabusiness.com/ai-innovation-timeline
• Mohanty, R. & Vasudevan, V. (2018). AI manager detection and response. Retrieved August 30, 2018, from  www.gartner.com/imagesrv/media-products/pdf/paladion/Paladion-1-534YL2H.pdf?submissionGuid=1f5eb787-b70a-4c00-afda-29f3d9c50940 
• Quora. (n.d.). What are the main differences between artificial intelligence and machine learning? Is machine learning a part of artificial intelligence? Retrieved August 28, 2018, from  www.quora.com/What-are-the-main-differences-between-artificial-intelligence-and-machine-learning-Is-machine-learning-a-part-of-artificial-intelligence
• Shaikh, F. (2017). Deep learning vs. machine learning – The essential differences you need to know! Retrieved August 29, 2018, from www.analyticsvidhya.com/blog/2017/04/comparison-between-deep-learning-machine-learning/
• Urban, T. (2015). The AI revolution: The road to super intelligence. Retrieved August 29, 2018, from www.waitbutwhy.com/2015/01/artificial-intelligence-revolution-1.html