“A balance is required, or the environment will advance to a point where the industry simply cannot keep pace.”
AI security is no panacea
AI and security is not necessarily a perfect match. As Vectra CISO Gunter Ollmann blogged about recently, buzzwords “have made it appear that security automation is the same as AI security” - meaning there’s a danger of CISOs buying solutions they don’t need, while there are further concerns over AI ethics, quality control and management.
Arnaldo critically points out that AI security is no panacea either. “Some attacks are very difficult to catch: there are a wide range of attacks at a given organization, over various ranges of time, and across many different data sources.
“Second, the attacks are constantly changing...Therefore; the biggest challenge is training the AI.”
If this points to some AI solutions being ill-equipped, Palmer adds further weight to the claim.
“Most of the machine learning inventions that have been touted aren’t really doing any learning ‘on the job’ within the customer’s environment. Instead, they have models trained on malware samples in a vendor’s cloud and are downloaded to customer businesses like anti-virus signatures. This isn’t particularly progressive in terms of customer security and remains fundamentally backward looking.”
So, how soon can we see it in security?
“A way off,” notes Rose. “Remember that the majority of IPS systems are still in IDS mode because firms lack the confidence to rely on ‘intelligent’ systems to make automated choices and unsupervised changes to their core infrastructure. They are worried that, in acting without context, the ‘control’ will damage the service – and that’s a real threat.”
But the need is imperative: “If we don't succeed in using AI to improve security, then we will have big problems because the bad guys will definitely be using it,” says Ford.
“I absolutely believe increased automation and ease of use are the only ways in which we are going to improve security, and AI will be a huge part of that,” says Palmer.
Sign up for Computerworld eNewsletters.