Imagine handling your finances the good old traditional way, which not only will test your mathematical prowess but also consume a lot of your time. Consider the same calculations done on your computer, yielding more accurate results and saving your time and energy. Such are the applications of machines in our day-to-day activities. We are now living in a world where we are gradually coming to the reality of connected cars, face detection software and voice-controlled mechanisms, to name a few.
The influence of machines is all around us, enhancing and enriching our understanding in various aspects. The power of machines can never negate the capabilities of humans though since the computer itself could not have done the calculations completely independently. It would require human interference in terms of direction and data feeding. Hence, this brings out the importance of a symbiotic relationship between humans and machines.
When there is a cyber-security skills shortage
As an application of Artificial Intelligence, Machine Learning is about giving machines access to data, allowing them to learn themselves, and to respond. In brief, it gives them the ability to learn and build models in order to perform activities like prediction within specific domains. In the field of cybersecurity, professionals are in a fight every day to track down criminals who could disrupt governments, businesses, institutions, and lives. If an analyst requires 15 minutes to investigate and clear a security alert, then that person can only process about 30 alerts per day.
As per our observations, financial institutions, especially Tier 1 and 2, are dealing with more than 200,000 daily security alerts, with majority running more than 25 cybersecurity tools. Hence, the approach fails to allow security personnel to develop rational problem-solving skills. The cybersecurity workforce shortfall remains a critical vulnerability for companies and nations and as the threat landscape continues to evolve, the security skills shortage is going to further amplify.
Today IT professionals admit to a shortage of cybersecurity skills. This shortage can be responsible for direct and measurable damage to organizations whose lack of talent makes them more desirable hacking targets.
As the demand for new solutions rise to build the cybersecurity workforce necessary in a networked world, that’s where automation, human-machine teaming comes into foray. Machine learning is increasingly being leveraged in the security industry to automate advanced classification, scoping and prioritization of security events, or Analytics 3.0, making it possible to perform both predictive analytics and prescriptive analytics. It allows chief security officers (CSOs) to get the most out of human and security product assets with more accuracy, as more data is available to feed its algorithms. As IT teams need help analyzing faults, machine learning accumulates relevant data elements into one place, at the fingertips of security analysts when needed.
Delivering the best of both worlds
Many state-of-the-art machine learning approaches are based on decades-old concepts. What has changed over the past decade is that computers now have the processing power required for machine learning algorithms. Most of them demand a huge number of matrix multiplications and other mathematical operations to process. As new threats are introduced, security teams alone cannot sustain the volume, and machines alone cannot issue creative responses. It’s imperative to understand at this point that, though there have always been multiple technologies to help prevent, detect and respond to cyber threats, but human intervention will always be there.
Machine learning has also ensured security teams are better informed, where they can, therefore, make better decisions. Security executives realize that the intelligence and creativity of their security operations experts are critical business resources. The secret of machine learning is its ability to draw statistical inferences and construct models from crunching big data. The results of machine-learning calculations can drive endpoint security protection even before malware can execute through cleanup and remediation phases. Human-machine teams make endpoint security more effective without draining performance or inhibiting the user experience.
The most advanced organizations use a balance of manual and automated processes and are twice as likely to automate investigation processes as less mature organizations. It becomes the fastest way to identify new attacks and to push that information out to endpoint security platforms. Machine Learning in cybersecurity is here to stay and will be a critical component of any enterprise endpoint security strategy.
As an ally to machines, humans will continuously introduce new techniques and strategies, enabling security teams to employ machine learning to automate the discovery of new attack methods. A creative problem-solving approach and the unique intellect of the security team will always strengthen the response.
To quote Hellen Keller, ‘Alone we can do so little and together we can do so much’. The same holds true when we talk about the collaboration between machines and humans. The best way for security teams to get ahead cybercriminals is to allocate time for people to use their intelligence and creativity to enhance security practices, and to leverage efficiencies gained from machine-learning technology to make that time.
The author is the Managing Director of McAfee for South Asia.
Updated Date: Jan 25, 2018 19:41 PM