There’s a never ending cycle between the measures cybersecurity providers introduce to prevent or remediate cyber threats and the tactics cyber criminals use to get around these security measures. As soon as a security company develops a way to mitigate the latest threat, attackers develop a new threat to take its place.

Artificial intelligence has emerged as a critical tool cybersecurity companies leverage to stay ahead of the curve. It makes defensive measures stronger and response times faster, but it’s not a perfect solution. AI is not a replacement for human intelligence—especially when it comes to identifying and mitigating threats—but it does advance cybersecurity in powerful ways.

Jump to:

• Machine learning identifies unknown threats
• AI improves incident response
• AI won’t replace cybersecurity pros
• Cybersecurity AI gone wrong

Machine learning identifies unknown threats

Machine learning is a component of artificial intelligence that helps cybersecurity tools operate more efficiently. It analyzes data and recognizes patterns so that it can detect changes in behavior. In this way, machine learning is able to identify and address threats before a human security engineer even realizes something is amiss.

Technology For Today And The Future

Michael Knight, Co-Founder and Head of Marketing at Incorporation Insight, says machine learning is one of the most useful AI components for improving cybersecurity. “Machine learning,” he explains, “provides an organization with the foresight to detect cyberattacks in advance, giving them ample time to strategize ways to counteract future and known threats.”

This technology enables cybersecurity tools to pinpoint attacks with more accuracy than a human security engineer. Machine learning keeps cybersecurity systems running at peak performance, and it will likely be the ticket to maintaining a strong cybersecurity infrastructure in the future.

“Historically,” Knight continues, “technology relied on past findings when developing strategies and preventative measures, causing organizations to adapt slowly to changes. As time passes, cyber threats become more sophisticated and evolved, and using traditional techniques to combat these threats will no longer suffice. The use of AI enables computers to adapt quickly and prevent threats.”

Machine Learning Security Tools

Not only does machine learning make cybersecurity operations more effective in the present, but it also ensures you won’t fall victim to an attack as cybercriminals’ tactics become more advanced. You’ll be hard-pressed to find a security tool that doesn’t include machine learning capabilities in some way because it’s an invaluable element in any cybersecurity strategy.

IBM QRadar SIEM, for example, detects and prioritizes threats company-wide. It aggregates information from sources across your network, including endpoints, servers, and applications. It then studies this information to determine how specific events are related and initiates a response if necessary. This kind of threat intelligence and analysis wouldn’t be possible without QRadar’s machine learning capabilities.

AI improves incident response

In addition to improving threat detection, artificial intelligence makes it possible for cybersecurity teams to respond to incidents faster and with more precision.

Evaluate Threats More Quickly

As digital transformation takes over the business world, security teams are tasked with processing and protecting unprecedented amounts of data. Artificial intelligence makes it possible to sift through this data and identify potential threats immediately. Before AI, cybersecurity tools used signature tracing techniques to match system activity to that of known threats. Not only did this limit the cybersecurity defensive measures a company could take, but it also meant the processes were slow and inefficient.

Harriet Chan, Co-Founder and Marketing Director of CocoFinder, says that behavioral analysis helps develop profiles of an organization’s applications by processing high volumes of data. This helps with prioritization and response to security alerts and gets to the root of the problem to avoid future issues.

“It is essential to understand the impact of various security tools and processes you have employed to maintain a strong security posture,” Chan says. “AI can help understand where your infosec program has strengths and where it has gaps.”

With behavioral analysis, cybersecurity tools are able to identify any signs of a threat—known or unknown—without wasting any time. There are often legitimate warning signs to imminent threats, and AI is able to detect these amid false positives. Security professionals are then able to use this knowledge to prioritize the threats and respond to them accordingly without worrying the information is unreliable.

Automate Defense Measures

Security orchestration, automation, and response (SOAR) tools have gained popularity among cybersecurity strategies since they were first introduced in 2017. In fact, the SOAR market is expected to reach $2.3 billion by 2025, according to a 2019 report from Report Buyer.

These tools are impactful because they use artificial intelligence to reduce the amount of human intervention needed to act on security threats across an ever-increasing surface area. By extension, SOAR platforms also minimize the risk of human error. This means cybersecurity automation helps with productivity as well as risk reduction.

SecOps teams can leverage automation to make their jobs easier. SOAR products allow them to set rules and create workflows, which act as a foundation for all processes. Then, they can focus on fixing the root cause of any detected threats rather than only addressing the symptoms.

SOAR tools also help with vulnerability management by testing integrations and configurations to identify areas of risk. Many tools can fix simple configurations automatically, which means security engineers can turn their attention to bigger priorities.

AI won’t replace human cybersecurity pros

A common misconception about artificial intelligence is that it will one day replace human intelligence. AI is good for improving efficiency and accuracy when it comes to cybersecurity operations, but human security engineers are still necessary for strategy and collaborative problem solving.

The human perspective, flawed as it may be, is also needed to discern good data from bad data. Artificial intelligence is based on data samples, so the AI is bad if the data is biased, inaccurate, or flawed. Only a human can tell whether the data is reliable. Security engineers must frequently review the data at the foundation of cybersecurity AI to ensure its reliability.

Bayt.com Co-Founder and CTO Akram Assaf explains that “most risks with AI come from organizations abandoning their responsibilities. You can’t just install a system and expect it to do the job for you. That’s not how it works, and even advanced cybersecurity systems powered by AI need to be regularly maintained and updated.”

Although artificial intelligence has tremendous benefits for your organization’s cybersecurity strategy, you still need people working to support it. Otherwise, you’ll be putting your weight on an unstable foundation.

Cybersecurity AI gone wrong

Aside from the staffing needs required to ensure successful AI implementation, it’s also important to understand the risks of using artificial intelligence for cybersecurity.

If an AI system is poorly implemented, it can be weaponized against a company in an attack. This could happen at the data level, where malicious actors manipulate the data sets that AI algorithms use to learn their behaviors. Vulnerabilities could also come from biases or gaps in the data. Hackers sometimes use a technique called neural fuzzing to determine where weaknesses lie in software that processes input data.

Thilo Huellmann, CTO at Levity.ai, explains this further:

“For learning purposes, machine learning systems rely on data. That is why it is critical for businesses to ensure the data’s dependability, integrity, and security; otherwise, erroneous forecasts may result. Hackers are aware of this and attempt to steal data from machine learning systems. They tamper with, corrupt, and poison that data to the point where the entire machine learning system collapses.”

“Businesses,” Huellmann continues, “should pay careful attention to the situation and take steps to reduce the danger. AI professionals should limit the amount of training data that cyber thieves can control and to what extent they can control it. Worse, you’ll have to defend all of your data sources because attackers can modify any data source you’re utilizing to train your machine learning algorithms. If you don’t do so, the chances of your machine learning training going crazy skyrocket.”

Hackers can also use artificial intelligence to power their cyberattacks. For example, they can build an intelligent piece of malware that can mutate to evade your cybersecurity defenses. These programs can think independently. If the attack isn’t successful in its first attempt, it adapts itself until it is able to compromise its target. This makes AI-fueled attacks especially worrisome.

To prevent your AI from working against you, it’s important to create safeguards. You should regularly evaluate the configurations of your devices and applications and monitor other areas of your cybersecurity infrastructure that aren’t directly-related to artificial intelligence tools. This is not only beneficial for your AI, but also for your security posture overall.

Protecting AI also includes establishing a chain of command and documented processes that can ensure swift action and accountability in the event of an attack.

The post How AI is Advancing Cybersecurity appeared first on Artificial Intelligence.

Machine learning is one of the most promising applications of artificial intelligence in businesses. However, almost nine out of ten projects fail before they even go live. DevOps and MLOps can help.

Allowing failure is one of the most basic prerequisites for innovation. If you are not prepared to fail, you will not be able to create anything new. As the German CTO of a Japanese IT service provider with a strong culture focused on innovation, I myself am deeply convinced of this. However, if only one of ten machine learning projects ever go live, something is definitely wrong. After all, machine learning is one of the central applications of artificial intelligence (AI) and the basis of numerous future technologies such as autonomous driving, smart cities, and the Industrial Internet of Things (IIoT). To advance ML and other AI technologies, we therefore need a new form of collaboration between the development and operation of solutions based on DevOps principles – MLOps for short.

Continuous evaluation

Why MLOps? Because AI is different. In traditional IT, the code determines the behavior of the system. The functionality of the system can be evaluated and tested step by step.

In artificial intelligence applications, on the other hand, data determines the behavior of the system. The difficulty here is that the source data is updated in machine learning and other AI processes. Therefore, we need to continuously monitor the behavior of ML models. This process corresponds to the principle of continuous integration (CI) in traditional software development. Experts in MLOps refer to this as continuous evaluation (CE). In addition to the technological know-how for automating evaluation processes, this has to include close collaboration with the company’s data scientists.

MLOps in practice

A typical use case for this type of MLOps is quality improvement. For example, a Japanese automotive company launched a project in which machine learning is to help improve vehicle quality based on complaint letters in natural language. ML analyzes the meaning of the complaint data in the texts. A particular challenge was to maintain the accuracy of the analyses even when introducing new products. Here, we created a simple and fast way to update new classification models based on “bag-of-words” and “gradient boosting”. The immediate result: In the areas of data processing, design, and deployment, the lead time was reduced by a total of six weeks. Among other things, the high speed of checking complaints had a positive impact here. At the same time, the model is much easier and more economical to maintain – throughout the entire lifecycle.

Similarly, in an AI project of an internationally operating insurance company, it was possible to simplify and automate the development and operation of the solution to such an extent that no operational support from IT is required for operation and continuous evaluation. The data scientists can dedicate their time to their data experiments – without any restrictions stemming from the IT infrastructure.

Reliability of AI

Third example: In an Italian bank, the aim was to detect anomalous behavior in gigantic volumes of financial transactions. Experts see this application as a key benefit of artificial intelligence in digital banking. However, the volumes of data involved make manual training of AI models impossible. By using MLOps, an automated system for training the data models was established. Since every analysis and every prediction is reproducible, this model also fulfills the most important requirement for AI, not only in the financial industry: reliability.

The post Advancing Machine Learning With DevOps appeared first on Artificial Intelligence.

From dictating which posts appear in our social media feeds to deciding whether or not a suspect might be guilty of a crime, data and computing have come to permeate nearly all aspects of our lives. But while these systems can offer many benefits, their faults — whether data breaches, unintentional biases in algorithms or the proliferation of misinformation — can have disastrous effects, especially on already marginalized individuals and communities.

That’s why Jennifer Chayes, UC Berkeley’s new data science leader, is dedicated to creating an environment where data and computing are informed by leaders from all disciplines, including ethics and the humanities, and where people of all races, genders and socioeconomic backgrounds are welcomed at the table.

Chayes, associate provost of the Division of Computing, Data Science, and Society (CDSS) and dean of the School of Information at Berkeley, discussed her vision for the future of CDSS at a virtual Campus Conversations event on Wednesday.

 “More and more of our public systems — (our) criminal justice system, our health system, our education system, our social welfare system — [are] being mediated by computing. … As [data science] becomes the fabric of our society, [we need to ensure) that it is a fabric that will serve its purpose properly,” Chayes said. “We need women, we need Black people, we need Latinx and Indigenous people building this fabric, because they will understand in ways different from the majority how [data] may be used.”

Chayes left her position as a technical fellow at Microsoft Research to lead CDSS in January 2020. Part of what drew her to Berkeley was the sheer scale of the data science research happening on campus, coupled with the wide variety of fields data scientists were working in — from climate change and sustainability to biomedicine and public health to human rights.

“I think, at Berkeley, we are going to have just many, many more disciplines interacting with each other,” Chayes said, when asked about her hopes for the future of the division. “I will feel like a failure if we don’t have joint faculty with every division and school and college on campus … because I think that all voices have to be here, everyone has to be at the table for this to be a success.”

To help increase racial diversity in data science fields, Chayes said that the division has approached historically Black colleges and universities about creating joint master’s programs. The data science major also tends to attract a diverse array of students, many of whom didn’t necessarily intend to go into data and computing when they entered Berkeley.

The CDSS is also planning the construction of a new data science building that will include extensive convening space for students, staff and faculty to collaborate.

“People really need to mix with each other,” Chayes said. “It’s something that I learned at Microsoft. I tried to have as flat of organizations as possible with philosophers, anthropologists and biologists and physicists and mathematicians and computer scientists and lawyers coming together and talking with each other. …  It’s not just learning the language of another discipline, … it is really understanding what are the important problems of other disciplines and why.”

The post Berkeley’s data science leader dedicated to advancing diversity in computing appeared first on Artificial Intelligence.