The Human Effect On AI Security

Uploaded on 2020-02-17 in TECHNOLOGY-Key Areas-Artificial Intelligence, NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Developments, TECHNOLOGY--Resilience

As a result of recent improvements in machine learning, the dreary work that was once done by people, filtering through apparently unlimited amounts of information searching for threat indicators and anomalies is now be capable of being automated. 

Artificial intelligence has transformed almost every industry in which it’s been used, including healthcare, the stock markets, and, increasingly, cybersecurity, where it’s being used to enhance human work and strengthen defenses, but ​humans remain front and centre in all aspects of cybersecurity.

With an expected 3.5 million cybersecurity positions expected to go unfilled by 2021 and with security ruptures increasing some 80% every year, infusing human knowledge with AI and machine learning tools is critical to shutting the talent availability gap. ​That is one of the recommendations of a report called Trust at Scale, recenlty released by cybersecurity experts Synack.

Synack reports that security teams that combine humans and artificial intelligence to do penetration testing can find vulnerabilities faster, cover a wider attack surface, and decrease the time needed to fix vulnerabilities. “There’s a lot of fear about artificial intelligence,” says Aisling MacRunnels, Synack’s chief marketing officer. “A lot of people think artificial intelligence is going to take over completely. What we have found is that there are definitely things that humans are wonderful at and there are things that machines are wonderful at and oftentimes they’re very different things.”

The combination of human and AI machines is important because "security risks and threats are always evolving and AI does not excel at higher-order tasks."  

When ethical human hackers were upheld by AI and machine learning, they became 73% increasingly proficient at identifying and evaluating IT risks and threats.The advantages of this are twofold:

  • Threats never again slip through the cracks because of fatigue or boredom, and cybersecurity experts are liberated to accomplish more strategic tasks, for example, remediation. 
  • Artificial intelligence can likewise be utilised to increase perceivability over the network. It can examine phishing by simulating clicks on email links and analysing word choice and grammar. It can monitor network communications for endeavored installation of malware, command and control communications, and the presence of suspicious packets. 

Furthermore, AI has changed virus detection from an exclusively signature-based framework which was entangled by issues with reaction time, proficiency, and storage requirements to the period of behavioral analysis, which can distinguish signatureless malware, zero-day exploits, and previously unidentified threats.

While the conceivable outcomes with AI appear to be unfathomable, the possibility that they could wipe out the role of people in cybersecurity divisions is unrealistic. 

While the ultimate objective of AI is to simulate human functions, for example, problem-solving, learning, planning, and intuition, there will consistently be things that AI can’t deal with (yet), as well as things AI should not handle.The principal classification incorporates things like creativity, which can’t be viably instructed or customised, and therefore will require the guiding hand of a human. 

While AI can unquestionably add speed and exactness to tasks generally handled by people, it is poor at extending the scope of such tasks. AI’s impact on the field of cybersecurity is the same as its effect on different disciplines, in that individuals frequently terribly overestimate what AI can do. 

Analytic Insights:        Tech Republic:      HR Executive:       Synack.com:

You Might Also Read: 

Industry 4.0 - Changing How We Live:

 

 

« Labour Party Risks £15m Fine For Not protecting Members' Data
GDPR's Impact In The US And Globally »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Council on Foreign Relations (CFR)

Council on Foreign Relations (CFR)

CFR is dedicated to better understanding the world and the foreign policy choices facing the USA and other countries. Cyber security is covered within the CFR topic areas.

Menlo Security

Menlo Security

Menlo Security protects organizations from cyberattacks by eliminating the threat of malware from the web, documents, and email.

CyberOwl

CyberOwl

CyberOwl builds on cutting-edge research and combines decades of experience in developing, securing and operating large distributed systems.

Templar Executives

Templar Executives

Templar Executives is a leading, expert and dynamic Cyber Security company trusted by Governments and multi-national organisations to deliver business transformation.

National Cyber Security Authority (NCA) - Saudi Arabia

National Cyber Security Authority (NCA) - Saudi Arabia

The NCA is the government entity in charge of cybersecurity in Saudi Arabia and serves as the national authority on its affairs.

ESL Bangladesh

ESL Bangladesh

ESL is the Largest IT Infrastructure & Telecom Service Provider in Bangladesh.

Bangladesh Computer Council (BCC)

Bangladesh Computer Council (BCC)

Bangladesh Computer Council (BCC) is a government body providing support for ICT related activities including formulating national ICT strategy and policy.

Hallam-ICS

Hallam-ICS

Hallam-ICS designs MEP systems for facilities and plants, control and automation solutions, and ensures safety and regulatory compliance.

Enet 1 Group1

Enet 1 Group1

Enet 1 Group audits, assesses, recommends, and delivers tested solutions for the ever-increasing threats to your critical systems and digital assets

CICRA Consultancies

CICRA Consultancies

Cicra Consultancies is a company that specializes in cyber security. Our major activities are guided by three main principles: Prevent, Investigate, Prosecute.

Albania Lab

Albania Lab

Albania Lab is a consulting company focused on the development and delivery of digital solutions and IT services including cybersecurity.

Ridge Security

Ridge Security

Ridge Security enables enterprise and web application teams, ISVs, governments, education, DevOps, anyone responsible for ensuring software security to affordably and efficiently test their systems.

HackersEra

HackersEra

HackersEra is a leading offensive cybersecurity service provider. We enable our clients to operate in a more secure environment efficiently and produce more value.

Peris.ai

Peris.ai

Peris.ai is a cybersecurity as a service startup that protects businesses and organizations from online threats.

Paragon Cyber Solutions

Paragon Cyber Solutions

Paragon Cyber Solutions provides specialized security risk management and IT solutions to protect the integrity of your business operations.

Swick Technologies (SWICKtech)

Swick Technologies (SWICKtech)

SWICKtech offer IT managed services to increase IT security, stability, and performance for your organization.