AI is changing cybersecurity, but it's not a catch-all solution

There is no silver bullet for security

There is no silver bullet for security

Artificial intelligence is often confused with automation, but they are separate and distinct solutions to a common problem

Automation is changing the way that businesses operate. From the factory floor to back-end IT, automated services and machines are increasing speed and productivity while freeing workers up to focus on more skilled tasks.

‘Automation' is often used synonymously with ‘artificial intelligence', but although automated machines can use AI, they are very different. Automation is rule-based: ‘If A, then B'. AI, on the other hand, is trained to learn, develop and grow using the data it is given. An AI system is constantly in a state of change.

That means that artificial intelligence is a great fit for cyber security, where malicious actors are continuously developing new attacks. The old signature-based style of defence is no longer enough to protect companies' crown jewels: their data.

"Cyber-attackers are growing faster and more sophisticated by the day," said Andrew Tsonchev, director of technology at Darktrace Industrial, the branch of the company that uses AI to secure industrial systems and critical national infrastructure.

"Organisations are facing everything from lightning-speed ransomware to stealthy ‘unknown unknowns' that bypass traditional perimeter defences to silently carry out espionage over long periods of time. Human defenders simply cannot keep up with modern threats, especially as they manage increasingly complex networks."

Ron Davidson, CTO of Skybox Security, said: "Signature-based systems are built around the concept of recognising and blocking the exploit and may require a new signature for each variant. The signature-based system doesn't fix the underlying weakness, though it could shield it for a while."

He added: "Organisations using traditional methods to deal with their own massive volumes of vulnerability occurrences will only see problems compound."

Several companies are now automating their security with the help of firms like Skybox, while others are working in the more advanced realms of AI. Darktrace is the leading organisation pushing this development in security and has the most widely deployed enterprise AI; its award-winning Enterprise Immune System defends against new threats and, like the human immune system, operates without prior knowledge or signatures.

There is no silver bullet for cyber security - Andrew Tsonchev, Darktrace

Tsonchev said: "In response to the global cyber struggle, the cyber security market is flourishing. ‘Machine learning' and ‘AI' have fast become industry buzzwords, but many innovations still require rules and signatures of previous attacks and human pre-programming to work. Developing technology that learns on-the-job in live networks is a difficult feat, and many fail outside the lab."

Speaking from an automation perspective, Davidson said:

"Even with automation, there still needs to be human oversight. Automating patching or change provisioning bring their specific risks to the equation that must be weighed against the reward of any potential time-savings. Considering errors that could be compounded via automated action and the potential for business disruption, a human element in these execution processes may still be best."

Darktrace takes a different view: Tsonchev says that humans need AI, rather than the other way around:

"Ultimately, there is no silver bullet for cyber security. However, businesses need to realise that humans, no matter how expert, cannot predict tomorrow's threat and are being consistently outpaced by fast-moving attacks that will soon be supercharged with their own AI.

"Only genuine AI defences can make sense of constantly evolving networks and stay ahead of novel attackers. Looking to real-world use cases of how these defences are working will help guide organisations in their hunt for effective cyber AI as they arm-up defences."

More on Careers and Skills

The Cybersecurity Festival 2021 was a great success

This year's hybrid CyberSecurity Festival kicks off in four weeks

The three-day event will give you the choice in how to attend

Tom Allen
clock 10 May 2022 • 2 min read
The project, known as 'Wild and Stormy' is the successor to the $10 billion JEDI contract

NSA re-awards multibillion-dollar cloud contract award to AWS

Microsoft protested contract award last year, claiming that NSA misevaluated proposals

clock 29 April 2022 • 2 min read
Verify never reached the scale the Government aimed at, and is being phased out next year

Taxpayers face issues filing returns as HMRC withdraws Verify service

Tens of thousands of people have faced problems filing their tax returns since the start of the month.

clock 27 April 2022 • 2 min read