Advanced artificial intelligence (AI) and machine learning tools are becoming increasingly critical in detecting and combatting cyber threats. This is according to Stefaan Hinderyckx, senior vice-president, Security - Europe at NTT Ltd., speaking at the virtual NTT European Digital Press Roundtable 2020 on May 13, 2020.
According to Hinderyckx, with organizations now handling so much data, coupled with a current shortage of cybersecurity experts, identifying security threats efficiently and quickly is only possible using these technologies.
He said the global technology services company gets around 280 billion logs per month across all its clients; these can be reduced to 1000 possible threats through its automated AI and machine learning tools, which utilize complex mathematical techniques such as pattern matching and advanced correlation. NTT’s analysts can then focus on investigating these potential threats closely.
“We have this massive haystack and we put that into a manageable number of incidents that analysts can still look at,” commented Hinderyckx. “You still need humans; machine learning and AI cannot completely replace our analysts, but you can simply do it much more efficiently and the need for speed of course is there because you can’t wait for five hours from the logs coming in and flagging the alert, it has to be near real-time.”
Hinderyckx also stated that these technologies are able to pick up new threats that conventional security analysis techniques, such as security information and event management (SIEM), find difficult to identify. He gave the example of the emerging threat of zero-day exploits. “By using AI we’re effectively addressing the white space,” he added.