In January Google's parent company, Alphabet, announced the launch of Chronicle – an artificial intelligence-based solution for the cybersecurity industry – promising “the power to fight cybercrime on a global scale.”
There are mixed opinions on the value and readiness of artificial intelligence (AI) in our industry. Just last year Google's own Heather Adkins, director of information security and privacy addressed the crowd at TechCrunch Disrupt 2017 and criticized the over use of artificial intelligence for the cybersecurity industry. Adkins argued that the implementation of artificial intelligence relies too heavily on feedback, “to learn what is good and bad…but we're not sure what good and bad is.” She went on to say that companies should invest in more human talent and less technology.
Chronicle is an about-face on that position, diving straight into the use of machine learning to combat cybercrime. The ever-changing landscape and scope of threats are pushing information security experts towards a solution that can adapt and react faster than existing applications and analysts are able to.
When it comes to winning the war against hackers today, AI and machine learning represent critical innovation. Chronicle's launch itself is further validation of the need for widespread AI adoption, and companies must realize this is the path to salvation. While major organizations like Alphabet are starting to realize the benefit of using AI in cybersecurity and are throwing their hats into the ring to drive innovation, there are many others who are still on the fence.
Here is what those organizations need to consider:
Throwing more humans at the problem is not a foolproof, viable solution.
Current patching procedures cannot assure a fully secure environment.
When Adkins was asked what advice she would give to businesses to keep their networks safe, she replied, “Pay some junior engineers and have them do nothing but patch.” The idea that the massive security issues facing businesses today can be resolved by putting more people on the job is naïve. If the ability to create an environment that is 100% secure is directly based on the number of humans defending it - there is absolutely no reason why Equifax should have been breached. After all, their team was comprised of 225 security professionals and their breach still boiled down to one person who forgot to deploy a single patch. Businesses need to understand that it doesn't matter how many experts they hire or how many procedures and processes they've put in place, because when it comes down to it….
There simply isn't enough cybersecurity talent available in the workforce.
It's easy for Google to say that more cybersecurity experts are the answer - they can easily attract and retain the very best in the business. However, for the average organization, there is a tremendous shortage of infosec professionals in the market today and it's set to get worse – in fact, it's predicted that our global cybersecurity workforce will be short 1.8 million by 2022. The top minds of our industry don't want to work in a cubicle in corporate America – they are attracted to Silicon Valley and innovative tech giants like Google, Amazon and Apple. If they don't wind up working for these companies, they are lured away by the inflated salaries and benefits packages of the Fortune 500. The mid-market is often the most vulnerable to cyber attacks and has the most difficulty finding talent. This leaves many businesses with one option – scramble to fill open roles and plug the holes with the latest and greatest AI-driven technology.
Humans will continue to fail and so will traditional security solutions.
Someone will always forget to patch – it doesn't matter how many junior engineers are on the job. Employees will never stop opening attachments and links from unknown sources. Internal analysts will continue to miss major network vulnerabilities. And vendors will not be able to identify and patch all zero-day exploits before an attack occurs. So what is the current solution? More technology is purchased to try and eliminate human error and yet, errors continue to occur. Again, take Equifax, a week after the company received the advisory and the patch was not deployed, a network scan also failed to identify the threat.
Last year, Oracle's Larry Ellison issued a battle cry for companies to move toward automation, saying, “It can't be our people against their computers—we're gonna lose that war. It's gotta be our computers versus their computers.” He's right; automation (including auto-patching technology) plays a major role in eliminating human error and winning the war means pitting robots against robots. But make no mistake about it, traditional technology and automation will also inevitably fail. In the same way, one person can forget a patch, one computer can get a bug, or get hacked or get “tricked” by an exploit that is smarter or yet unknown.
Artificial Intelligence represents the only viable future for cybersecurity.
Although Chronicle's launch is promising - there is still far too much hesitation when it comes to AI, machine learning and its future in our industry. The technology is already here, developed and ready to act as a completely independent, autonomous system that can be deployed as a layer over human talent and traditional technology. The myth of false positives can be overcome quickly during the training process, which is precisely designed to do just that. Artificial intelligence is limitless and nonlinear – smarter and faster than any human or computer, and the more it's trained, the more powerful it becomes. AI is not reactive, it is able to proactively identify and mitigate a threat before a patch is even developed and released, let alone applied and verified.
The entire industry needs to work towards a model that reduces human error while enabling and enhancing human oversight. The cybersecurity team of the future is much more than the narrow view of humans installing patches in combination with flawed, limited hardware or antiquated cloud-based solutions. Businesses need to focus on hiring security intelligence analysts that are experts in their field (whether that's retail, finance, healthcare, government etc.) that can analyze the specific anomalies that are flagged by artificial intelligence-driven cybersecurity solutions.
Make no mistake: The future of cybersecurity is about embracing and innovating for the partnership of man and machine – both relying on each other in the fight against hackers. It's the only path to success if organizations want a reasonable chance to survive the onslaught of complex, sophisticated, multi-vector attacks.