Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Carbon Black warns of over reliance on 'nascent' machine learning security

Tamlin Magee | March 31, 2017
It would be a mistake for businesses to over-rely on these systems, a report said.

malware istock
Image credit: iStock

Security vendor Carbon Black has issued a report warning businesses not to place too much trust in machine learning-based security products.

The company surveyed 400 non-vendor security professionals who overwhelmingly agreed AI-equipped technology is in its nascent phase, and so organisations must proceed with caution when adopting any such products.

Although AI-based technologies do have their place, it would be a mistake for businesses to buy into vendor hype or over-rely on these systems, the report said.

The findings echo a recent report from ABI Research that dedicated a significant section to warning against vendors peddling machine learning as 'snake oil'.

Security professionals cited high false positive rates and the ease with which machine learning-based technologies can be bypassed - at present - as the most serious barriers to adoption.

Respondents also said that the high false positive rate could have other negative impacts on operations, such as considerable slowdown if a team of researchers finds itself having to sift through and check against each of these.

Of course, the other side is that there will be plenty of customers who find machine learning-enabled security invaluable, especially in smaller organisations where the security team might be the same as the IT team, where automated processes are especially important.

But Carbon Black says that at present, machine learning and artificial intelligence technologies should be seen as a way to augment processes rather than as a wholesale solution.

According to the report: "AI technology can be useful in helping humans parse through significant amounts of data. What once took days or weeks can be done by AI in a matter of minutes or hours. That's certainly a good thing.

"A key element of AI to consider, though, is that it is programmed and trained by humans and, much like humans, can be defeated. AI-driven security will only work as well as it's been taught to."

Speaking at a roundtable event in central London, Rick McElroy, security strategist for Carbon Black, said: "The community has said the biggest benefits are this: it augments human decision making. I 100 percent agree with that, it should absolutely allow you to make better decisions. And it learns your company's security preferences. But here's the biggest risk - it's easy to bypass, so people are relying on things that are easy to bypass.

"False positives could cause you and your team hundreds of hours to go and figure out a false positive, only to end up with: 'oh, we just wasted a week's work on a false positive that never existed'."

According to the research, 70 percent of respondents felt that attackers are able to get past machine learning-driven security products, and a third of respondents claimed it was "easy" to do so.


1  2  Next Page 

Sign up for Computerworld eNewsletters.