AI is changing cybersecurity, but it's not a catch-all solution

clock • 3 min read

Artificial intelligence is often confused with automation, but they are separate and distinct solutions to a common problem

Automation is changing the way that businesses operate. From the factory floor to back-end IT, automated services and machines are increasing speed and productivity while freeing workers up to focus on more skilled tasks.

‘Automation' is often used synonymously with ‘artificial intelligence', but although automated machines can use AI, they are very different. Automation is rule-based: ‘If A, then B'. AI, on the other hand, is trained to learn, develop and grow using the data it is given. An AI system is constantly in a state of change.

That means that artificial intelligence is a great fit for cyber security, where malicious actors are continuously developing new attacks. The old signature-based style of defence is no longer enough to protect companies' crown jewels: their data.

"Cyber-attackers are growing faster and more sophisticated by the day," said Andrew Tsonchev, director of technology at Darktrace Industrial, the branch of the company that uses AI to secure industrial systems and critical national infrastructure.

"Organisations are facing everything from lightning-speed ransomware to stealthy ‘unknown unknowns' that bypass traditional perimeter defences to silently carry out espionage over long periods of time. Human defenders simply cannot keep up with modern threats, especially as they manage increasingly complex networks."

Ron Davidson, CTO of Skybox Security, said: "Signature-based systems are built around the concept of recognising and blocking the exploit and may require a new signature for each variant. The signature-based system doesn't fix the underlying weakness, though it could shield it for a while."

He added: "Organisations using traditional methods to deal with their own massive volumes of vulnerability occurrences will only see problems compound."

Several companies are now automating their security with the help of firms like Skybox, while others are working in the more advanced realms of AI. Darktrace is the leading organisation pushing this development in security and has the most widely deployed enterprise AI; its award-winning Enterprise Immune System defends against new threats and, like the human immune system, operates without prior knowledge or signatures.

There is no silver bullet for cyber security - Andrew Tsonchev, Darktrace

Tsonchev said: "In response to the global cyber struggle, the cyber security market is flourishing. ‘Machine learning' and ‘AI' have fast become industry buzzwords, but many innovations still require rules and signatures of previous attacks and human pre-programming to work. Developing technology that learns on-the-job in live networks is a difficult feat, and many fail outside the lab."

Speaking from an automation perspective, Davidson said:

"Even with automation, there still needs to be human oversight. Automating patching or change provisioning bring their specific risks to the equation that must be weighed against the reward of any potential time-savings. Considering errors that could be compounded via automated action and the potential for business disruption, a human element in these execution processes may still be best."

Darktrace takes a different view: Tsonchev says that humans need AI, rather than the other way around:

"Ultimately, there is no silver bullet for cyber security. However, businesses need to realise that humans, no matter how expert, cannot predict tomorrow's threat and are being consistently outpaced by fast-moving attacks that will soon be supercharged with their own AI.

"Only genuine AI defences can make sense of constantly evolving networks and stay ahead of novel attackers. Looking to real-world use cases of how these defences are working will help guide organisations in their hunt for effective cyber AI as they arm-up defences."

You may also like
'Meticulously commendable':  AI's fingerprints found all over recent academic papers

Education

Tell-tale signs of genAI are rising fast

clock 27 March 2024 • 3 min read
Peter Cochrane: Fish can't climb trees and AI won't eclipse humanity

Strategy

AI will steer our evolution but not take over

clock 27 March 2024 • 3 min read
Power demand from UK datacentres set to surge six-fold over the next decade

Datacentre

National Grid CEO's warning comes as OpenAI chief Sam Altman says nuclear fusion is the answer

clock 27 March 2024 • 3 min read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Security Technology

Checkmarx: 'It's very difficult for CISOs to know how to safely incorporate genAI'

Checkmarx: 'It's very difficult for CISOs to know how to safely incorporate genAI'

'It’s an unfortunate reality that developers have not traditionally been big fans of security'

clock 26 March 2024 • 5 min read
UK's biometrics commissioners steps down, signalling missteps

UK's biometrics commissioners steps down, signalling missteps

Home Office is ignoring new technologies

Muskan Arora
clock 31 January 2024 • 4 min read
Endpoint is the path of least resistance, says Threatlocker

Endpoint is the path of least resistance, says Threatlocker

IT Leaders Summit debates the true purpose of endpoint security.

Penny Horwood
clock 05 October 2023 • 2 min read