…but AI should be tapped to help analysts deal with cyber threats better.
SAN JOSE, CALIFORNIA – “There are not enough workers on cybersecurity and yet the threats are so many. The threat landscape is accelerating because we now have attack vectors we never had before,” said Greg Martin, CEO and co-founder of JASK.
Greg Martin said that – at least in our lifetime – “what AI won’t do is take humans out. I believe in five to 10 years AI will deal with (many of our security) issues, but the best defense is still the human mind behind the keyboard.”
In North America alone, it is estimated that there are three million cybersecurity jobs that are unfilled. This is why, “if we don’t develop AI to help the analysts to deal with cyber threats, we’re going to have bigger threats. The goal should always be to answer ‘How can we accelerate of cybersecurity workers?’”
Here, AI (artificial intelligence) comes in handy, as it “accelerates what we’re already doing with human workers (by) making machines do the work – e.g. high frequency pattern matching.”
But Martin said that – at least in our lifetime – “what AI won’t do is take humans out. I believe in five to 10 years AI will deal with (many of our security) issues, but the best defense is still the human mind behind the keyboard.”
This is why, added Kumud Kalia, CIO of Cylance, “the approach for us (should be) to embed AI in our functions.” This is because “the security analyst is often overwhelmed by information… The challenge is to keep everything organized and up to date so there won’t be weak links that can be exploited.”
There are also newer threats emerging. For instance, according to Martin, “cyber weapon is the new norm. We know government entities are using this. And so if this leaks out… the ramifications can be quite scary.”
And so “we need to learn how to recalibrate our solutions… so low and slow attacks can be detected. And this is also where machine learning is helping out.”
For Slavik Markovich, CEO and co-founder of DEMISTO, it isn’t just the threats that are growing in number; even the security tools are growing, too. And “the only way to bridge the gap is to automate as much as possible the workload and the worker that the threats go through,” he said.
Currently, there continues to be different concepts of AI. But for Markovich, no matter the iteration, “the big dream is for AI to solve all our problems; just throw stuff to it, and it will solve everything. But we’re still far from that, we’re not there yet,” he said.
And so, again, “the goal now (pertaining security management) is on how to make analysts be productive.” In the end, if AI can help answer: ‘What are the actions that the analysts do in day-to-day and how it can be used if newer threats come in?’, then “we can develop sequences of actions on how to deal with incidences as they arise,” Markovich ended.
