Information Security

Defending the digital infrastructure

Graeme Dawes - Fotolia

Get started Bring yourself up to speed with our introductory content.

AI or not, machine learning in cybersecurity advances

As more companies promote machine learning and artificial intelligence technologies, chief information security officers need to ask some tough questions to get past the hype.

The logic around artificial intelligence is fuzzy. Some people might argue that the heuristic algorithms used in antivirus to recognize potential threats are artificial intelligence. Others got a glimmer of hope -- outside of the security field -- with the landmark success of AlphaGo. In 2016, the DeepMind software won four out of five matches of the complex Chinese Go board game when it out-strategized top professional player Lee Sedol. The win astounded viewers and saved Alphabet Group, which acquired the London-based DeepMind in 2014, a million dollars of prize money.

While cognitive advances are clearly being made in numerous industries, information security -- which is in dire need of help -- remains a complex challenge. As companies promote AI and advanced machine learning in cybersecurity, CISOs need to ask some tough questions to get past the hype: Are these technologies bolted on to get investments as well as customers, or are they core to an innovative security platform that solves a business problem (too many alerts to efficiently monitor)? Is the company's expertise in machine learning and AI or information security?

The excitement and promise of machine learning in cybersecurity is there. But data scientists are in high demand and are hard to find. Qualified researchers who study artificial intelligence usually have some combination of computer science, cognitive psychology and engineering experience. Outside of top universities -- like the MIT Robotics Lab -- and fields such as defense or specialized computer programming, their numbers are probably in the hundreds.

Advances in machine learning and security can help in areas such as antimalware, dynamic risk analysis and anomaly detection, found Robert Lemos, who reports on machine learning in cybersecurity in this month's cover story. The technology is really good at "crunching through data," Joseph Blankenship, senior analyst for security and risk at Forrester Research, tells Lemos. But automation, speed and accuracy (decision-making) are areas where more work is needed.

Also in this issue, we talk to John Masserini, CSO of the U.S. equities trading exchange MIAX Options, about his information security strategy in an environment where disruption is calamitous. Marcus Ranum continues his "How did you get here?" series with Diana Kelley, executive security advisor for IBM. Senior Reporter Michael Heller looks at a new form of ransomware that may take extortionware to another level. 

Article 4 of 6

Next Steps

Big data and IoT: What is the reality of AI?

Project 101: Learn the basics of machine learning

Advanced machine learning in network security

This was last published in March 2017

Dig Deeper on SIEM, log management and big data security analytics

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

What promises and risks do you think artificial intelligence techniques hold for information security?
Innovative security platform for dynamic risks.
Machine learning technology is much easier to handle through cyberattacks. It is way more precised in detecting malicious files than past technologies, and in some way the interaction between both fields is trivial.
Machine learning is not a panacea ... but it is a technology that should be integrated in a layered, holistic approach to IT systems management (and that includes cyber security). Automation is a key component to improving detection of anomalous behaviors as well as detection, analysis and mitigation of malware and unauthorized access and changes to systems.

Get More Information Security

Access to all of our back issues View All