“CISOs are well aware of the problems - they struggle to hire talent, and there are more devices and data that need to be analyzed. CISOs acknowledge the need for tools that will increase the efficiency of their SOCs. AI holds the promise but CISOs have not yet seen an AI platform that clearly/proves to increase human efficiency.”
“More and more CISOs fully understand that the global skills shortage, and the successful large-scale attacks against high maturity organizations like Dropbox, NSA/CIA, and JPMorgan are all connected,” says Darktrace CTO Dave Palmer, whose firm provides machine learning technology to thousands of companies across 60 countries worldwide.
“No matter how well funded a security team is, it can’t buy its way to high security using traditional approaches that have been demonstrably failing and that don’t stand a chance of working in the anticipated digital complexity of our economy in 10 years’ time.”
AI underdone by basics, cybercrime
But for all of this, some think we’re jumping the gun. AI, after all, seems a luxury item in an era in which many firms still don’t do regular patch management.
At this year’s RSA conference, crypto experts mulled how AI is applicable in security, with some questioning how to train the machine and what the human’s role is. Machine reliability and oversight were also mentioned, while others suggested it’s odd to see AI championed given security is often felled by low-level basics.
“I completely agree,” says Rose. “Security professionals need to continually reassess the basics – patching, culture, SDLP etc. – otherwise AI is just a solution that will tell you about the multitude of breaches you couldn’t, and didn’t, prevent.”
Schneier sees it slightly differently. He believes security can be advanced and yet still fail at the basics, while he poignantly notes AI should only be for those who have got the security posture and processes in place, and are ready to leverage the machine data.
Ethics, he says, is only an issue for full automation, and he’s unconcerned about such tools being utilized by black hats or surveillance agencies.
“I think this is all a huge threat,” says Ford, disagreeing. “I would rank it as one of the top dangers associated with AI in the near to medium term. There is a lot of focus on "super-intelligent machines taking over"...but this lies pretty far in the future. The main concern now is what bad people will do when they have access to AI.”
Warren agrees there are obstacles for CISOs to overcome. “It is forward thinking, and many organizations still flounder with the basics.”
He adds that with these AI benefits will come challenges, such as the costly rewriting of apps and the possibility of introducing new threats. “...Advancements in technology introduce new threat vectors.”
Sign up for Computerworld eNewsletters.