Cybersecurity In 2020: AI Is Helpful but It's Not a Panacea
Tue, April 20, 2021

Cybersecurity In 2020: AI Is Helpful but It's Not a Panacea

Depending on the technology, most IT companies and businesses are concerned about cybersecurity, however, they can gain a competitive advantage in information security and data safety if their expertise lies in AI and machine learning / Photo by: Song_about_summer via Shutterstock

 

Depending on the technology, most IT companies and businesses are concerned about cybersecurity, however, they can gain a competitive advantage in information security and data safety if their expertise lies in AI and machine learning, according to Nathan Mckinley of CPO Magazine, a news platform dedicated to publishing content on data protection and privacy. Nowadays, AI and machine learning are in the spotlight for various industries and use cases. 

Considering the rise of cyber attacks in 2019, the security outlook for 2020— or even for 2030— is going to be met with potential pitfalls. For instance, maintaining the security profile in corporations remains to be a challenge given that security teams “are spread thinner as attack surfaces widen,” wrote James Sanders of TechRepublic, an online trade publication. 

The Role of AI and Machine Learning In Cybersecurity

As of now, AI is still not capable of replacing human intelligence and the way we understand problems and formulate solutions. But when it comes to minimizing errors and faults in operational tasks and finding irregularities, that’s where AI does better in terms of human efficiency and capability. Aside from AI’s ability to add a security layer, it can efficiently evaluate all the mistakes that humans are prone to make. 

Machine learning analyzes past data and evaluates use cases for the future, addressing the needs of users “in the most befitting manner.” The algorithms in AI and machine learning are fed with data to predict future user behavior and occurrences and suggest proactive measures. With regard to cybersecurity, time is important because security measures need to work faster to keep up with cyberattackers and threats. 

Instead of giving cybercriminals and threats enough time, the security system must proactively address the security gap as early as possible. Security experts, app developers, and tools need to be abreast of current security threats and challenges, and this where machine learning and AI solutions do well. 

As of now, AI is still not capable of replacing human intelligence and the way we understand problems and formulate solutions / Photo by: Gorodenkoff via Shutterstock

 

The Challenge of AI and Machine Learning

Access to appropriate datasets is needed before investigating any cybersecurity issue in IT systems. Without relevant datasets, it’s not possible for anyone to evaluate any ongoing security risks and threats. Unfortunately, security measures lack access to relevant datasets for risk and threat evaluation, which has been a challenge for leveraging AI and machine learning in cybersecurity. Moreover, the capabilities of machine learning are limited as of now as it can only understand user behaviors, input, and interaction.

Researchers working on machine learning projects think that the cyber community can play a significant role in making the cybersecurity field more active. ML experts should also be more active and engaging to take advantage of the benefits of cybersecurity measures. We must acknowledge that there is a lack of global cybersecurity experts who are equipped with the necessary skills and knowledge to work with machine learning and AI-based security algorithms. 

Access to appropriate datasets is needed before investigating any cybersecurity issue in IT systems. Without relevant datasets, it’s not possible for anyone to evaluate any ongoing security risks and threats / Photo by: jijomathaidesigners via Shutterstock

 

Unfortunately, AI Is Not Enough

McAfee CTO Steve Grobman said that hackers these days are targeting high-value targets. Attacks that are aimed towards specific industries are said to increase. Grobman explained, “We've seen a good number of ransomware campaigns where the adversaries have done reconnaissance to really understand the critical assets [and] the defenses, and then tailor the attack in order to get into that environment, to demand a higher payment from the victim.” 

This entails a much more sophisticated defense mechanism. Cyberattacks are evolving from focusing on traditional compute environments to focusing on cloud spaces. Adversaries would find ways to compromise traditional environments and cloud assets since many organizations are moving key components of their operations to the cloud. 

Companies are eager to jump on the AI hype train to hopefully attract venture capital funding. Director of Engineering Liz Maida emphasized that companies “can't just apply machine learning and AI on data that hasn't been set up well to begin with.” The actual normalization and understanding the cleanliness of data has to act as a foundational layer first before firms can apply algorithms to gather more intelligence from the data, she added.

It is common for security analysts to correlate events from web gateways, endpoint attachment software, phishing emails, and more. If an organization can’t understand the data extracted from those events, then it is more difficult for them to understand how these are “connected in some unique way” or it would “suggest the presence of a potential malicious actor.”

Alternatively, AI-enabled systems lack the ability to explain why they block or flag certain files, making it a problematic issue in companies, Bud Ilic noted via CSO, a resource for data security executives. Therefore, AI is not a complete solution to curbing cyber threats. Security measures must be multifaceted, regardless of how powerful the technology is. Specialized security staff must be trained to discern and analyze emerging suspicious patterns. Even if AI-enabled endpoints and systems promise to stop incoming threats, keeping them up to date and patched is vital in repelling cyberattacks.  

We can’t deny the benefits of AI in cybersecurity, but we also have to acknowledge its imperfections and limitations. Enterprises should not solely rely on AI and machine learning to safeguard their data or systems. It’s possible for AI to become the panacea to security threats in the future. But for now, it is just a part of a solution, not an ultimate solution to threats.