IBM Watson Fights Real-Time Cyber Crime

You may know Watson as IBM’s Jeopardy-winning, cookbook-writing, dress-designing, weather-predicting supercomputer-of-all trades. Now it’s embarking on its biggest challenge yet: Preventing cybercrime in finance, healthcare, and other fields.

Starting early December, 40 organizations will begin to rely upon the clever computers cognitive power to help spot cybercrime. The Watson for Cybersecurity beta program helps IBM too, because Watson’s real-world experience will help it hone its skills and work within specific industries. After all, the threats that keep security experts at Sun Life Financial up at night differ from those that spook the cyber-sleuths at University of New Brunswick.

Watson isn’t starting from scratch here. IBM researchers started training Watson in the fundamentals of cybersecurity last spring so the computer could begin to analyse and prevent threats. Now it graduates to real-world situations to further hone its skills. Think of it as the world’s smartest intern.

Ransomware

The computer’s done a lot of cramming since May. Cyberspace is vast, and the more of it Watson recognizes and understands, the more effectively it can discern the difference between benign threats and real problems. Watson’s great skill isn’t the ability to comb through huge amounts of information (though it does that too), it’s the ability to contextualize that information by combining structured data such as specific security events with unstructured data like white papers, research reports, and blog posts.

“Cognitive computing is 30-40% faster than traditional rule-based systems,” says Forrester Research analyst Andras Cser, who adds that cognitive systems like Watson also result in fewer false positives. Because it learns as it goes, it doesn’t repeat the same mistakes.

Before it could do that, though, Watson needed to study. Researchers fed Watson up to 15,000 documents each month through the fall, linking it to libraries and news feeds in real-time to keep its knowledge base current. Volume, too, is only half the battle; Watson must understand what words mean before it can know how they relate.

Take “ransomware.” You might know it as an increasingly prevalent type of hack that holds computers and systems hostage until the victim pays up. For a while Watson, thought it was a place.

When IBM researchers annotated “ransomware” documents with a definition, Watson finally understood that his teachers aren’t obsessed with some far-flung metropolis.

It’s a fun anecdote that illustrates the challenges and opportunities of bringing Watson up to speed. What it doesn’t know, it can use context to guess. If it guesses wrong, it can learn. And once it learns, it never forgets. Which is where the beta program comes in.

Dialect Coach

Now, Watson’s beta isn’t like the kind you associate with consumer software.

“In a regular development project, you assign a testing matrix and go through testing to see how it deals with the tests,” says Barlow. “In this case, it’s much more like human learning. There are things it can do in grade school, things it can do in high school, things it can do when it goes off to college, and things it can do when it’s had a lot of experience in the industry. Watson will follow a very similar journey.”

In other words, Watson currently understands the fundamentals of security. Now it must learn the specific vernacular that peppers various use cases. “The language of security in the healthcare industry is probably completely different than the language of security in the energy sector,” says Barlow.

During the beta, Watson will embed with a few dozen companies and provide their security analysts with reports and recommendations. Specifically, Watson can identify whether a security event is associated with known malware and provide relevant background, as well as identify suspicious user behavior. Also think of password entry; are repeated failed attempts an absentminded user, or an attempted break-in?

Watson doesn’t replace humans, but rather helps make them faster and more comprehensive in their response. IBM research shows that security teams sift through an average of 200,000 potentially significant events per day; a computer that prioritizes those events and reveals how they fit into the broader security climate saves worlds of time.

And in the process, save companies, and their customers, from potentially crippling threats. Not a bad learning curve for a computer that until recently was looking for ransomware on a map.

Wired:           IBM’s Watson Will Use AI To Treat Cancer:

 

 

« Behavior Analytics Tools For Cyber-Security
Cyber Police Stations Across India »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Homeland Security Investigations (HSI)

Homeland Security Investigations (HSI)

Homeland Security Investigations (HSI) is a premier federal law enforcement agency within the Department of Homeland Security (DHS).

Malta Information Technology Agency (MITA)

Malta Information Technology Agency (MITA)

MITA is the central driver of Government Information and Communications Technology (ICT) policy, programmes and initiatives in Malta.

Infowhiz solutions

Infowhiz solutions

Infowhiz provides solutions for backup/disaster recovery and network security.

Neoteric Networks

Neoteric Networks

We deliver a no nonsense procedure to implementing technology. The technology selection process ensures that all customers enjoy an engineered methodology implementing technology.

Cyber Defense Agency (CDA)

Cyber Defense Agency (CDA)

Cyber Defense Agency is a premier professional services firm specializing in cyber security, computer network defense, and information security.

Government Communications Security Bureau (GCSB)

Government Communications Security Bureau (GCSB)

GCSB contributes to New Zealand’s national security by providing information assurance and cyber security to the New Zealand Government and critical infrastructure organisations.

Asset Guardian Solutions (AGSL)

Asset Guardian Solutions (AGSL)

Asset Guardian are dedicated to protecting the integrity of process control systems software that is used to control operations and production processes.

BlackRidge Technology

BlackRidge Technology

BlackRidge Technology develops, markets and supports a family of products that provide a next generation cyber security solution for protecting enterprise networks and cloud services.

VariQ

VariQ

VariQ is a premier provider of Cybersecurity, Software Development and Cloud services to federal, state, and local government.

Digital Boundary Group (DBG)

Digital Boundary Group (DBG)

Digital Boundary Group (DBG) is an information technology security assurance services firm providing information technology security auditing and compliance assessment services to clients worldwide.

ProCheckUp

ProCheckUp

ProCheckUp is a London-based independent provider of cyber security services, including IT Security, Assurance, Compliance and Incident Response.

Eurotech

Eurotech

Eurotech provides Edge Computers and IoT solutions. We help to connect your assets and make them smarter through secure and agnostic hardware and software technologies.

Allstate Identity Protection

Allstate Identity Protection

Allstate make it easy to provide complete identity protection, so everyone can live more confidently online.

CyFlare

CyFlare

CyFlare’s security platform integrates your tools with ours – delivering true positives, automated remediation, and interactive analytics built for security management teams.

Panoplia Digital Protection

Panoplia Digital Protection

Panoplia Digital Protection is a cutting-edge cybersecurity company that leverages the power of AI and ML to help businesses and consumers protect themselves against cyber threats.

S2W

S2W

S2W is a data intelligence company specialized in cyber threat intelligence, brand/digital abuse, and blockchain.