AI is changing cybersecurity, but it's not a catch-all solution

clock • 3 min read

Artificial intelligence is often confused with automation, but they are separate and distinct solutions to a common problem

Automation is changing the way that businesses operate. From the factory floor to back-end IT, automated services and machines are increasing speed and productivity while freeing workers up to focus on more skilled tasks.

‘Automation' is often used synonymously with ‘artificial intelligence', but although automated machines can use AI, they are very different. Automation is rule-based: ‘If A, then B'. AI, on the other hand, is trained to learn, develop and grow using the data it is given. An AI system is constantly in a state of change.

That means that artificial intelligence is a great fit for cyber security, where malicious actors are continuously developing new attacks. The old signature-based style of defence is no longer enough to protect companies' crown jewels: their data.

"Cyber-attackers are growing faster and more sophisticated by the day," said Andrew Tsonchev, director of technology at Darktrace Industrial, the branch of the company that uses AI to secure industrial systems and critical national infrastructure.

"Organisations are facing everything from lightning-speed ransomware to stealthy ‘unknown unknowns' that bypass traditional perimeter defences to silently carry out espionage over long periods of time. Human defenders simply cannot keep up with modern threats, especially as they manage increasingly complex networks."

Ron Davidson, CTO of Skybox Security, said: "Signature-based systems are built around the concept of recognising and blocking the exploit and may require a new signature for each variant. The signature-based system doesn't fix the underlying weakness, though it could shield it for a while."

He added: "Organisations using traditional methods to deal with their own massive volumes of vulnerability occurrences will only see problems compound."

Several companies are now automating their security with the help of firms like Skybox, while others are working in the more advanced realms of AI. Darktrace is the leading organisation pushing this development in security and has the most widely deployed enterprise AI; its award-winning Enterprise Immune System defends against new threats and, like the human immune system, operates without prior knowledge or signatures.

There is no silver bullet for cyber security - Andrew Tsonchev, Darktrace

Tsonchev said: "In response to the global cyber struggle, the cyber security market is flourishing. ‘Machine learning' and ‘AI' have fast become industry buzzwords, but many innovations still require rules and signatures of previous attacks and human pre-programming to work. Developing technology that learns on-the-job in live networks is a difficult feat, and many fail outside the lab."

Speaking from an automation perspective, Davidson said:

"Even with automation, there still needs to be human oversight. Automating patching or change provisioning bring their specific risks to the equation that must be weighed against the reward of any potential time-savings. Considering errors that could be compounded via automated action and the potential for business disruption, a human element in these execution processes may still be best."

Darktrace takes a different view: Tsonchev says that humans need AI, rather than the other way around:

"Ultimately, there is no silver bullet for cyber security. However, businesses need to realise that humans, no matter how expert, cannot predict tomorrow's threat and are being consistently outpaced by fast-moving attacks that will soon be supercharged with their own AI.

"Only genuine AI defences can make sense of constantly evolving networks and stay ahead of novel attackers. Looking to real-world use cases of how these defences are working will help guide organisations in their hunt for effective cyber AI as they arm-up defences."

You may also like
Nvida revenues rise 265% on AI chips

Finance and Reporting

Looks set to make Nvidia more valuable than Amazon and Alphabet

clock 22 February 2024 • 2 min read
Gemma: Google unveils open AI models

Big Data and Analytics

Includes safety tools as standard

clock 22 February 2024 • 3 min read
UK AI chipmaker seeks buyer, report

Chips and Components

Graphcore has faced rising losses and falling revenues

clock 21 February 2024 • 2 min read
Most read

Intel splits in two, signs deal with Microsoft

22 February 2024 • 7 min read

Cambridge University hit by DDoS attack

20 February 2024 • 1 min read

Gemma: Google unveils open AI models

22 February 2024 • 3 min read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Security Technology

UK's biometrics commissioners steps down, signalling missteps

UK's biometrics commissioners steps down, signalling missteps

Home Office is ignoring new technologies

Muskan Arora
clock 31 January 2024 • 4 min read
Endpoint is the path of least resistance, says Threatlocker

Endpoint is the path of least resistance, says Threatlocker

IT Leaders Summit debates the true purpose of endpoint security.

Penny Horwood
clock 05 October 2023 • 2 min read
GitHub announces passwordless authentication trial

GitHub announces passwordless authentication trial

The trial can be considered a milestone in the long demise of passwords

Penny Horwood
clock 13 July 2023 • 2 min read