How AI can change information security

In information security, adversaries typically have an edge over defenders, but recent advances in artificial intelligence (AI) can provide the tools they need to reverse that asymmetrical advantage and return the high ground to the defenders.

“AI’s advent in security will make our jobs actually tenable and improbable. Attackers get to choose from thousands of vulnerabilities and once they’re in a target’s network, they can literally hide in the noise generated by most security solutions”

Sam Curry, Chief Security Officer of security platform maker Cybereason

Meanwhile, the defenders need to stop every attack every time in order to successfully defend their assets, an impossible task given the adversary’s intelligence and strong motivation to complete the operation.

“Defenders have to operate at scale everywhere all the time, where the bad guys get to pick the time, place and means to execute an attack. You know how that ends. But AI can change that,” Curry said

With every security company touting products that leverage AI, separating the hype from the substance can prove challenging. According to Curry however, AI can be a force multiplier for security teams when done correctly.

“There are clearly applications for AI, but it is a very difficult thing to get right because the bad guys are going to find ways around whatever security you build. This is the only part of IT that has extremely intelligent opponents,” he said.

Part of the definition of security is allowing the right people to have access to the right data and preventing the wrong people from accessing that data — a process that AI can help automate and scale beyond human limitations. With AI, strong authentication to prove who you really are doesn’t have to involve tokens, a key fob with changing passwords, or an SMS text — it can make these determinations based on behavioral and temporal inputs.

“Device authentication is another area that can benefit from artificial intelligence. Think about how complex the communications are in the world between all these different devices and people. You shouldn’t have to write a policy for how each one of these things is going to behave. The solution should be fluid and adapt to all”

Sam Curry, Chief Security Officer of security platform maker Cybereason

Artificial intelligence can be leveraged to block malicious events like malware execution, leading to fewer events like the infamous WannaCry ransomware attacks that spread rapidly across the globe.

Despite the potential for artificial intelligence to positively impact security, Curry points out that organizations need to understand how this technology can help their business if AI is to prove impactful. Technology providers that fail to understand their customer’s business and how AI fits into its risk losing clients.

“If a customer can’t understand how AI works and the vendor has trouble explaining it beyond bits and bytes in a way that would make sense to a business stakeholder, then failure is inevitable,” Curry noted.

About the author

Dan Poulsen

Dan Poulsen, Director Global System Integrators, EMEA

Dan Poulsen is Director of Global System Integrators at Cybereason, responsible for strategic alliances. Dan has over 15 years of experience building teams and working with some of the largest organizations in the world, helping them align business needs with cybersecurity requirements.

About Cybereason

Cybereason is the champion for today’s cyber defenders providing future-read attack protection that unifies security from the endpoint, to the enterprise, to everywhere the battle moves.
The Cybereason Defense Platform combines the industry’s top-rated detection and response (EDR and XDR), next-gen anti-virus (NGAV), and proactive threat hunting to deliver context-rich analysis of every element of a Malop (malicious operation). The result: defenders can end cyber-attacks from endpoints to everywhere.
Cybereason is a privately held, international company headquartered in Boston with customers in more than 30 countries.

Learn more

Interested in next publications?

 

Register to our newsletter and receive a notification when there are new articles.