As with many IT-related things, new technologies are often wrapped in a shroud of mystery that easily leads to misinformation and mixed expectations regarding how the technology operates and its overall capabilities.
Arguably, no other technology exemplifies this more than AI. From concepts to research to development and implementation – many may have ideas of what AI can do – but few truly understand the complexities, intricacies and morality that surround artificial intelligence. Further still, even fewer truly grasp the magnitude of how exactly this advanced technology will truly impact humanity as a whole.
In this series, we take a closer look at AI and its subsections, like Machine Learning (ML) – which we'll cover in the next article – explaining how these technologies work to benefit cybersecurity software, practices and automation to protect devices, data and users in ways that are simply not possible without the aid of powerful computing logic, like AI and ML.
Before we get ahead of ourselves in discussing what AI is capable of, let’s start by explaining what AI is. And before we do that, let’s address the 800lb gorilla in the room that always surrounds talk of AI by getting the misconceptions relating to AI out of the way, shall we?
What it isn’t
HAL 9000. Ultron. Skynet. Replicants (from Blade Runner).
Each of these antagonists, alongside a growing list of science fiction stories and movies, centers around artificial intelligence that effectively turns on humanity to save the planet from its greatest perceived threat: humans.
While this premise makes for great storytelling and a fun, popcorn-fueled movie-going experience…there is little correlation between AI becoming sentient (which is still quite a ways away) and realizing that humanity is the greatest threat to the planet and taking steps to eradicate us.
It also doesn’t mean that machines, devices or robots that are connected to or powered by AI will alter or disregard their programming “on the fly” in order to hurt or cause harm. These apocryphal stories are great for reading, like Isaac Asimov’s I, Robot, or sharing with friends on a horror forum but have no real basis in the real-world development of AI-based technologies.
What it is
Now that we’ve gotten that out of our system, we can focus on what AI for security actually does.
Artificial Intelligence is defined as “the theory and development of computer systems able to perform tasks that normally require human intelligence, such as visual perception, speech recognition, decision-making, and translation between languages.”, according to the Oxford English Dictionary.
In simpler, more pragmatic terms, it involves the perception, analysis and synthesis of information by computer systems while being able to make decisions or perform tasks based on said information. According to IBM, “AI improves its knowledge to “understand” cybersecurity threats and cyber risk by consuming billions of data artifacts.”
It is to a degree; an extension of what technology has always been used for: to make the lives of users across multiple industries easier. Technology grants its users the ability to do more with less, to work smarter – not harder.
Leveraging artificial intelligence ultimately makes short work of complex data sets from varying sources, like aiding scientists studying diseases in developing a cure sooner, self-driving car technology that relays data from multiple sensors for a safe trip – even something with comparatively low complexity such as the algorithms that drive search findings or recommendation systems in place within your favorite search engine (former) or shopping website (latter).
AI + InfoSec = Enhanced Cybersecurity
AI continues the path mentioned above, using powerful technologies to drive cybersecurity protections in ways only possible by computers. By leveraging advanced technology to process large swaths of data to determine patterns or analyze code, the logic built into AI performs these tasks in mere fractions of the time that it would take humans to manually scan each line.
“Cybersecurity is the fastest AI software growth category, with a focus on the real-time monitoring of and response to attack.” – Global AI Software Forecast 2022, Forrester Research
Take threat hunting for example. Traditionally the exercise requires experienced security professionals and copious amounts of time to properly monitor, identify, research, exploit, verify and remediate unknown threats. Depending on the complexity of the data, the severity of the threat, the number of individuals working on the project, their level of expertise, the tools available to them and teams that they must work with to realize remediation or solution of the threat – just one instance of this task could conceivably require days maybe even weeks or months of time to resolve.
By contrast, computers are known to be able to process large amounts of data in shorter timeframes compared to humans. When feeding the very same data streams through AI and ML, timeframes are exponentially shortened to minutes, maybe a few hours depending on the amount of data that must be processed. In other words, harnessing AI to proactively thwart threats can not only determine how bad actors would carry out attacks against your infrastructure but can automate the deployment of actions to preemptively stop the attack from occurring and/or remediate any affected endpoints quickly.
Not just that, but humans as fallible. We get tired after exerting ourselves too much, can get sick which impacts our ability to function optimally and can become overwhelmed in the presence of too many stimuli.
But not AI-based technologies. They can effectively work 24/7/365 without needing to get some sleep or eat and run just as optimally after several hours of working as they did within the first few minutes to stop cyberattacks before they have a chance to start.
“Three out of four surveyed executives say that AI allows their organization to respond faster to breaches.” – The Use of Artificial Intelligence in Cybersecurity: A Review, IEEE Computer Society
This doesn’t recommend that organizations replace their IT and Security teams with AI, but rather underscores the importance of AI and ML-based technologies, and how these technologies can significantly benefit your organization's security posture as part of a greater defense-in-depth security plan.
Not sure how to get started enhancing your security posture with AI-based technologies?
Introduce machine learning and automation into your cybersecurity defense-in-depth strategy today.
Have market trends, Apple updates and Jamf news delivered directly to your inbox.