Businesses face an ever increasing challenge to protect their assets from cyber criminals. The sophistication and frequency of attacks continue to elevate as these criminals take advantage of rapidly advancing technologies.
Even using the latest machine driven security systems, it is becoming increasingly difficult for businesses to differentiate between a genuine employee or website visitor and a criminal seeking to breach or bring down their network and systems.
Cyber security professionals are facing the prospect that they have reached a glass ceiling in terms of what humans can achieve. Does the future of cyber security defence now depend of robots?
That’s the question posed to industry professionals following news MIT have developed Artificial Intelligence (AI) capable of detecting 85 per cent of cyber attacks - and still learning.
Can AI change the face of cyber security?
In April 2016, the Computer Science and Artificial Intelligence Laboratory (CSAIL) at MIT announced they had developed an artificial intelligence platform named AI2. Developed in partnership with machine-learning start-up PatternEx, AI2 sparks an interesting debate about the future role of artificial intelligence in protecting an organisation from cyber attacks. How much responsibility can be given over to ‘robots’ to do the work of humans.
Currently, AI2 uses unsupervised machine-learning to analyse data and detect suspicious activity. Its findings are then fed to cyber security experts (humans), who confirm whether the suspected activity is an attack or a false positive. AI2 will then take this learning and incorporate it into the next set of data, continuously learning and improving.
Here’s a simple video describing how the platform works:
As of April 2016, the platform had analysed more than 3.6 billion log lines, identifying 85 per cent of attacks. This is three times more effective than existing benchmarks achieved my machine learning platforms. The system is also capable of reducing the number of false positives by a factor of five.
Humans and machines must work together to better secure company assets
As impressive as the achievements of AI2 are, it is unlikely cyber security professionals are ready to hand over responsibility of defending their systems just yet. Especially considering the platform still requires human intervention to learn and improve. It is also not clear what action the system takes in the event of an attack, and whether this defence is automated.
For now it looks like humans must lead the way with cyber security defence, utilising machine-led security systems to augment our efforts. Despite the larger improvements demonstrated by AI2, the system still misses 15 per cent of genuine attacks. Humans are still be required to plug this gap to keep the organisation safe. Plus, AI2 is still reliant on humans for learning. Without which the platform would be nowhere near as effective.
The MIT and PatternEx discovery provides a glimpse of a future where humans may no longer be needed to defend business systems. For now however, advancements can be found in humans and machines work together. Machines can do the heavy lifting, scanning up to 1 million log lines a day, a task that could take a team of experts months. Identifying focus areas for the team to work on. While humans can identify false positives and take steps to help machines learn to be more effective.
AI2 is demonstrating that cyber security detection and protection systems are advancing at a rapid rate. The time when all-encompassing artificially intelligent security platforms can be left alone to defend our business appears to be drawing ever closer.
My question to you: If/when the time comes, would you trust a robot with your company's security?