Your Next Security Analyst Will Probably Be A Computer

Watson, IBM's artificial intelligence computer, is capable of "learning" as it operates.

Advances in artificial intelligence and robotics are now making it possible for humans and machines to work side-by-side.

Cybersecurity requires a specialized skillset and a lot of manual work. We depend on the knowledge of our security analysts to recognize and stop threats. To do their work, they need information. Some of that information can be found internally in device logs, network metadata or scan results.

Analysts may also look outside the organization at threat intelligence feeds, security blogs, social media sites, threat reports and other resources for information. This takes a lot of time.

Security analysts are expensive resources. In many organizations, they are overwhelmed with work. Alerts are triaged, so that only the most serious get worked. Many alerts don’t get worked at all. That means that some security incidents are never investigated, leaving gaps in threat detection.

This is not new information for security pros. They get reminded of every time they read an industry news article, attend a security conference or listen to a vendor presentation. We know there are not enough trained security professionals available to fill the open positions.

Since the start of the Industrial Revolution, we have strived to find technical answers to our labor problems. Much manual labor was replaced with machines, making production faster and more efficient.

Advances in artificial intelligence and robotics are now making it possible for humans and machines to work side-by-side. This is happening now on factory floors all over the world. Now, it’s coming to a new production facility, the security operations center (SOC).

IBM has announced a new initiative to use their cognitive computing technology, Watson, for cybersecurity. Watson for Cyber Security promises to give security analysts a new resource for detecting, investigating and responding to security threats.

Once Watson learns the language and nuance of cybersecurity, it could become a very intelligent security analyst, giving security teams an advantage against the attackers targeting them. Up to now, the attackers have had all the advantages. As the security cliché goes, “The attacker only has to be right once, we have to be right 100% of the time.”

This may be a turning point for cybersecurity. Human security analysts are the bottleneck in security operations. Even with improvements in security analytics technologies for threat detection, analysts are still overwhelmed with alerts and data. Cognitive Security (IBM’s term for the use of cognitive computing in security) and emerging automation technologies will help to alleviate the bottleneck. In time, once they are proven successful, we may even start trusting the machines to make security decisions on their own. 

Information-Management: 

« Artificial Intelligence And Racism
Has The Cyber ‘Pearl Harbor’ Already Happened? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Varonis

Varonis

Varonis provide a security software platform to let organizations track, visualize, analyze and protect their unstructured data.

Kramer Levin

Kramer Levin

Kramer Levin is a full-service law firm with offices in New York and Paris. Practice areas include Cybersecurity, Privacy and Data Protection.

Siepel

Siepel

Siepel manufactures high quality shielded rooms and anechoic chambers dedicated to TEMPEST, NEMP & HIRF.

Learning Tree International

Learning Tree International

Learning Tree's comprehensive cyber security training curriculum includes specialised IT security training and general cyber security courses for all levels of your organisation including the C-suite.

CloudAlly

CloudAlly

CloudAlly provides online cloud to cloud backup and recovery solutions, which backs up daily changes in your SaaS to unlimited Amazon S3 storage and makes it available for restore or export.

Council for Information & Communication Technologies (CTIC)

Council for Information & Communication Technologies (CTIC)

CTIC was set up to address specific issues in the field of ICT relevant to the implementation of electronic government.

Open Cloud Factory

Open Cloud Factory

Open Cloud Factory is a European based security company, that strives to ease the pressure on IT managers, by providing tools to implement your Security Strategy in an effective and easy manner.

Agility Networks

Agility Networks

Agility Networks is a technology company providing integrated services and solutions for Digital Transformation and Cyber Security.

IEEE Cyber Science and Technology Congress (CyberSciTech)

IEEE Cyber Science and Technology Congress (CyberSciTech)

CyberSciTech provides a platform for scientists, researchers, and engineers to share their latest ideas and advances in the broad scope of cyber-related science, technology, and application topics.

Simply Hired

Simply Hired

Simply Hired is a job search engine that collects job listings from all over the web, including company career pages, job boards and niche job websites.

AngelList

AngelList

AngelList champion startups and the people who empower them. Search tech & startup jobs, find new tech products, and invest in startups.

PatrOwl

PatrOwl

Automate your SecOps with PatrOwl, and start defending your assets efficiently.

INFRA Security & Vulnerability Scanner

INFRA Security & Vulnerability Scanner

INFRA is a powerful platform with an easy interface for any kind of Ethical Hacking, from corporate monitoring and VAPT (vulnerability assessments and penetration testing) to military intelligence.

Tapestry Technologies

Tapestry Technologies

Tapestry Technologies supports the Department of Defense in shaping its approach to cybersecurity.

Qascom

Qascom

Qascom is an engineering company offering security solutions in satellite navigation and space cybersecurity. We are one of the European key players in GNSS authentication and security.

Aurascape AI

Aurascape AI

Aurascape is working on advanced cybersecurity solutions powered by grounds-up generative AI architecture.