By Vaidyanathan R Iyer
Fact #1: Security of information is and will continue to be one of the cornerstones of the digital era.
Fact #2: The tools we have today and the programs that are run on all the machines are continuously under attack from both internal and external threats.
Fact #3: It has been near impossible till now to get a one-up on the various exploits and hacks.
As we continue to digitise our records and move towards a fully online world, concerns keep mounting over the security of the reams of data and confidential information stored online. And this has required enterprises and entities to move, at a near record speed, to transform and upgrade security strategy and systems to ensure the safekeeping of all data.
2015 was a blockbuster year for security hacks the world over. Following in the footsteps of Stuxnet and many other colorfully named attacks, cyber hacks have become more brazen and sophisticated each year. The email hack of a well-known US cinema studio was one that captured attention right across the world. Aside from causing irreparable loss of data to businesses and people, and significant damage to reputations, the financial costs of these attacks run into billions of dollars.
Closer home, the recent “Ponemon – 2016 Cost of Data Breach Study: India” indicates that India has become a hot target for cyber hackers. With India’s strong globalization push, Indian enterprises are gaining more exposure and attention. The economy is digitizing at a fast pace, and cybercrimes are growing at the same speed and intensity.
The study reported that the average total cost of a data breach paid by Indian companies increased by 9.5 percent, while the per capita cost increased by 8.7 percent and the average size of a breach grew by 8.1 percent. Additionally, 41 percent of Indian companies experienced a data breach as a result of a malicious or criminal attack, the most common root cause of a data breach.
To proactively monitor and keep abreast of the various security threats, security analysts must sift through millions of documented security bulletins, threat reports and news articles published every year to identify security events that are most likely to be problematic. And the numbers are increasing each year.
Advanced analytics and other software tools help security analysts detect anomalies and determine high-risk threats, but the volume of information combined with the rate and sophistication of attacks has made it nearly impossible for any single analyst to keep up.
So while technology is certainly helping, we need something to change the paradigm, and this is where cognitive computing will be the game changer. Traditional security systems and approaches rely on analysing structured data, but that only accounts for 20 percent of all the data out there. It’s the unstructured knowledge - the other approximately 80 percent of data delivered in natural language - that often proves most valuable in detecting and stopping threats before they cause harm.
Cognitive computing has the ability to tap into and make sense of this unstructured data, enabling security analysts to gain new insights and respond to threats with greater confidence at scale and speed. Cognitive systems, like Watson, are taught, not programmed, using the same types of unstructured information that security analysts rely on. Like an analyst, the system can learn as it goes, recognizing terms and making connections between them, so it can understand questions and use reason to provide answers. IBM is currently teaching Watson the language of cybersecurity by feeding thousands of documents into the system to build up its corpus of knowledge. In turn, the system will be able to recognize and automate connections between millions of pieces of data at a scale and speed like never before.
Cognitive computing will be a critical piece in our security strategies today and into the future, and is possibly the only technology that can help us keep up with the ever-changing threat landscape. Watson for Cyber Security won’t replace security analysts, but it will augment their knowledge so they can more effectively investigate and respond to threats faster.
The author is Business Unit Executive, IBM Security Solutions.