• #cyber overview news
  • Sep 30, 2020
  • By QOMPLX

CIISec: On Cybersecurity, Will AI Ride to the Rescue?

CIISec: On Cybersecurity, Will AI Ride to the Rescue?

Cyber security vendors like to throw around buzzwords like "machine learning" and "artificial intelligence" but how much have improvements in data science benefitted cyber security technologies? Not as much as you might think, according to an article by QOMPLX CEO Jason Crabtree and CTO Andrew Sellers.

The article, Just Over the Horizon: Cyber Security and the (Coming?) AI Cavalry, appears in the latest edition of Pulse, a publication of the UK's Chartered Institute of Information Security (CIISec). In it, Crabtree and Sellers argue that - thus far- the benefits of improvements in machine learning and AI have mostly gone to the bad guys.

AI Advantage: Attackers

"Data science has almost certainly helped malicious actors more than it has defenders through the automation of scanning, exploitation, execution of ransomware, phishing, and business email compromise campaigns," the two write. "These previously manual activities were loss drivers for cyber criminal businesses.
AI and ML’s biggest impact on cybersecurity, therefore, has been
to amplify the threat by handing an asymmetric advantage to attackers."

"Cyber defenders have not yet caught up with these increasingly well-equipped and resourced sentient adversaries." – Jason Crabtree, CEO & Andrew Sellers, CTO QOMPLX

A Bright(er) Future for AI-Powered Cyber Defense

But while the benefits of machine learning and AI haven't made life easier for cyber defenders, the future may well be much brighter for cyber defenders, as next generation data analytics and automation capabilities start to give the good guys a leg up.

Crabtree and Sellers write that in the coming years, artificial intelligence will benefit from more comprehensive data models (like MITRE's ATT&CK) that will allow "better contextualization in cybersecurity data through knowledge representation and engineering."

A coming generation of AI tools can "baseline the input of data streams to identify abnormalities, enrich sensor telemetry (for example: by using DHCP tables to establish true IP), and apply real- time transformations to organize raw data," the two write. They will also be more transparent, giving defenders confidence in the basis on which AI decisions were made.

You can read more about their vision of how AI will empower defenders in the latest issue of PULSE.

You might also be interested in

Upcoming Webinar: Dun & Bradstreet's Approach to Pre-Assessment CMMC Certification

Upcoming Webinar: Dun & Bradstreet's Approach to Pre-Assessment CMMC Certification

Join QOMPLX and DnB with the upcoming webinar: 'CMMC Certification: DnB's Approach to Pre-Assessment'

Read more
QOMPLX Teams With Splunk To Slam the Door on Lateral Movement

QOMPLX Teams With Splunk To Slam the Door on Lateral Movement

QOMPLX’s Q:CYBER integrates with Splunk Enterprise and Splunk Cloud, providing much-needed visibility into attackers’ lateral movements, including Kerberos ticket forgeries and other attacks on Active Directory.

Read more
DarkReading: CEO Jason Crabtree on Reducing Systemic Cyber Risk for Banks

DarkReading: CEO Jason Crabtree on Reducing Systemic Cyber Risk for Banks

Common-mode failures and systemic cyber risk within the financial services and banking industries may threaten the stability of the financial system.

Read more
Request a Demo

Interested in learning more?

Subscribe today to stay informed and get regular updates from QOMPLX.