With cybersecurity becoming more automated, security leaders are finding solutions to some of their biggest challenges—such as not having enough people with the right skillsets on their teams. Automation, artificial intelligence (AI), and machine learning (ML) can help detect threats on a scale that is impossible for humans to do manually. This helps alleviate not only staffing limitations and hard-to-find skillset challenges, but also issues related to infrastructure complexity and the advanced capabilities of today’s newest threats.
Cybercriminals and cybersecurity professionals are caught in a perpetual arms race when it comes to developing and deploying tools to either defend digital resources or exploit them. A recent report by Nokia shows that AI-powered botnets are being used to find specific vulnerabilities in Android devices and then exploit those vulnerabilities by loading data-stealing malware that is usually only detected after the damage has been done.
Attacks that leverage self-learning technologies can quickly assess vulnerabilities, select or adapt malware, and actively counter security efforts to stop them. Combining AI with emerging threats like swarmbots will enable an attack to be broken down into its functional elements, assign them to different members of a swarm, and use interactive communications across the swarm to accelerate the rate at which an attack can occur. The only effective defense against such AI-enhanced attacks strategies are solutions that use those same strategies.
Because so many security vendors see the potential revenue associated with AI, many have been willing to claim AI functionality where it does not actually exist. This can leave enterprises in a quandary, uncertain which solutions they should select. To cut through the confusion, CISOs need to ask security vendors a handful of questions to determine whether their AI solution is worth considering:
- How many years have you spent developing this AI? AI requires years of careful training. Any vendor who has not used standards-based training over the course of years to train their AI system is offering a less than ideal solution.
- How many nodes are used to process data and make decisions? Generally speaking, true AI requires millions of nodes combined with massive amounts of data feeds to generate accurate defense solutions.
- How good is the data you are feeding your AI? Feeding an AI with good data is harder than it sounds. Massive data sets of reliable and constantly available data is absolutely necessary for effective AI.
Not all AI is the same. Solutions that claim to provide AI but that don’t meet the requirements listed above are likely to introduce more challenges into your network. Locating tools that can meet that standard requires time and careful analysis.