Our 12 days of Christmas predictions has hit lucky seven, and just in time for the 13th of December too! Of course this means 13 shopping days until Christmas Day, but for those who have made their preparations and are not yet tired of Wham and Shakin’ Stevens on the airwaves, our countdown continues with a look at one of the key trends of 2016 which is expected to continue into the new year.
The concept of machine learning, automation and artificial intelligence (AI) have got a lot of attention over the past couple of years, and it is predicted that this will continue into 2017. Sian John, Chief Strategist of EMEA at Symantec, predicted that AI and machine learning will require sophisticated Big Data capabilities as in 2017, machine learning and AI will only continue to grow.
“With this growth comes new, powerful insights for businesses to tap, and an increased collaboration between humans and machines,” she said. “From a security standpoint, this expansion will impact organizations in more ways than one – including endpoints and mechanisms in the cloud. As new forms of machine learning and AI continue to enter the market, enterprises will need to invest in solutions that have the capabilities to collect and analyze data from the countless endpoints and attack sensors across different organizations, industries and geographies.”
Staffan Truve, CTO of Recorded Future predicted that the ever increasing scale and complexity of cyber-threats is bringing us to a point where human threat analysts are approaching the limit of what they can handle, requiring the next generation of cyber-threats needing to be tackled by a combination of machines equipped with AI and human analysts.
He said: “In recent years, humanity’s ability to make accurate predictions has improved in many fields thanks to a combination of augmented sensor capabilities and new prediction algorithms. As an example, today’s weather forecasts benefit both from improved sensing by weather satellites and from new algorithms run on powerful parallel computers.
“In a similar way, web intelligence provides new sensing capabilities which can be combined with novel algorithms to predict future cyber-threats.”
Adrian Sanabria, senior analyst information security at 451 Research, told Infosecurity that the terms have become buzzwords, and companies feel pressured to say they’re doing something with it, regardless of whether they need it or not.
He said: “Like any other big trends in security, very little of what we’re seeing is new or innovative by itself. We’re seeing a lot of realization that we already have a lot of great ideas and technology, and that we’ve just not leveraged it as effectively in the past.” Sanabria pointed out that most security and IT vendors he had spoken with said that they had been using machine learning algorithms for years, with Amazon using the technology to make book recommendations in the late 1990’s, and more than a decade before it launched any cloud computing efforts.
“On the positive side, machine learning has proved useful for giving the defender a bit of edge back when it comes to preventing malware infections. On the negative side, I don’t think machine learning is as appropriate or effective in dealing with the information overload problem that still plagues defenders. The quality of input data is very important for machine learning, and most of the data being fed into security analytics engines – threat intelligence, vulnerability scan output, IDS/IPS alerts, logs and network data is either very low quality too raw or unfiltered, or both. Garbage in, garbage out.”
That’s the concept of AI and machine learning on the defensive side, but according to the McAfee Labs 2017 Threats Predictions Report from Intel Security, these solutions will prove to be instrumental in teaching machines how to operate on the front lines of a changing, global battle.
Eric Peterson, director of threat research at Intel Security, said: “When expertly applied, machine learning has the potential to solve important, complex, tangible business problems. Regression algorithms can be used to predict values, clustering algorithms expose structure in datasets, and anomaly detection algorithms can be used to find abnormal data points.
“Machine learning tools are force multipliers for those of us in security roles. We would be negligent to assume that cyber-criminals are not also adopting these powerful tools.”
Back in early November I attended Microsoft’s Future Decoded conference where the benefit of AI was demonstrated with the Cortana digital agent. The message being presented in that case was one of how AI can be used on the online helpdesk – which is a much lower position than anything within the security operations center.
I’ve no doubts that these trends will continue into 2017 as the concept is discussed more and more, but less impact is actually made within businesses and legacy IT systems.
>> On the First Day of Christmas, the Industry Predicted...More Ransomware
>> On the Second Day of Christmas, the Industry Predicted…Poor Routine IT Practices
>> On the Third Day of Christmas, the Industry Predicted…More Political Disruption
>> On the Fifth Day of Christmas, the Industry Predicted…More Social Media Attacks
>>On the Sixth Day of Christmas, the Industry Predicted…a Big Year for IoT
>>On the Eighth Day of Christmas, the Industry Predicted…Attackers Making Money