A Clear-eyed Look at AI in Cybersecurity
Let's start by dispelling the most common misconception, there is very little if any true artificial intelligence being incorporated within enterprise security software. The fact that the term comes up frequently is largely to do with marketing, and very little to do with the technology. Pure AI is about reproducing cognitive abilities.Untallied are the personal costs to the cybersecurity victims, the stress associated with leaked phone numbers, credit card information, social security numbers, tax information, and the time spent getting their lives back on track.
That said, machine learning, one of many subsets of AI, is being seamed into various security software. But even ML in most casesis not capable of self-training, and requires human intervention, including programming, to update its training. There are so many variables in security, so many data points, that keeping its training current and therefore effective can be a challenge.To help guard against this, Artificial immune system AIS, a branch of AI inspired by the principles of invertebrate immune systems has come forth. The algorithms in artificial immune system adapt the immune system features of learning and memory to solve a problem. This area of research makes an attempt to bridge the gap between immunology and engineering. The evolution of AIS has its roots in the work of Farmer, Packard, Perelson. Bersini and Forrest. The work carried out by them was influential and helped in concentrating on how to build models that mimic immune system memory properties. Whereas, Forrest focussed on network intrusion detection thereby concentrating more on the ability of immune systems to discriminate between self and non-self. These pioneering works led to a great deal of further research on the application of immune inspired approaches to computer security.
All these translate to one fact that AI and ML have an important role in a defensive arsenal. The message from these experts and others is that it’s important for security companies, and their customers, to monitor and minimize the risks associated with algorithmic models. That’s no small challenge given that people with the ideal combination of deep expertise in cybersecurity and in data science are still rare.