Cybersecurity could be likened in some ways to our eternal battle against the common cold or similar ailment.
Humans often encounter germs or viruses against which we have no previous immunity – so we get sick, fight it off, then, hopefully, get better.
There’s a parallel principle at work in cybersecurity, where, increasingly, we see businesses turning to advanced “remedies,” such as artificial intelligence and cognitive computing, to fend off today’s rapidly-evolving threats.
A recent survey of over 200 security professionals conducted by Accenture and HfS Research illustrated a growing appreciation for, and pivot toward, this advanced technology.
For example, 55 percent of security pros in healthcare and pharmaceutical industries said they believed AI and/or cognitive computing will be “very important” or “critically important” to their ability to become a secure, digital enterprise.
Overall, 33 percent of survey respondents said they expected AI and cognitive computing to be very or critically important for their cybersecurity capabilities over the next 12 to 18 months – the highest figure among 13 technology categories.
There are good reasons this is happening.
The New “Normal”
Many of the older, traditional security tools are “signature” based, meaning they’re designed to discern unique identifying characteristics before letting anyone in, so to speak. These tools are looking for things they’ve “seen” before. You tell it what “bad” looks like and say, go look for it.
While we have a long way to go, we have already seen positive signs that our AI-based tools can identify potentially malicious actors or behavior that they haven’t seen before. You don’t have to tell it what kind of pattern to look for – rather, you provide a description of “normal” and it goes out and tells you when it sees something abnormal.
These advanced tools provide the ability to see previously undetected attacks, work with large data sets and the ability to adapt automatically. Furthermore, they’re demonstrably better at addressing so-called zero day vulnerabilities, the undisclosed software gaps that hackers can exploit to wreak havoc on programs, data, other computers or an entire network.
How to Fill the Skills Gap?
We’re at the stage where early adopters are using these advanced tools, particularly in financial services, government security and the big tech companies.
But advanced tools are not broadly deployed, and one of the biggest obstacles to wider use is the lack of the right skills. When AI and data science are used to find suspicious cyber activity, you’re combining two skill sets: Advanced data know-how and advanced cyber defense acumen.
How biological systems fend off real viruses can offer lessons. AI only finds the threat; it doesn’t block it—it needs context and understanding. You need to combine the disciplines of AI and cyber defense with industry context and operational understanding, and it’s very difficult to find all these skills. These are the pieces that form the “white blood cells” to make the sick better. You cannot solve this problem with only one or two pieces—you need them all. This is the DNA that makes this all work—that protects the organism (or organization).
While the promise is real, so far, very few organizations can access the talent to make it a reality. But with the right innovation that we are pouring into this problem, we expect AI-based cybersecurity to become a mainstream technology within three years.
Human meets virus, and it often doesn’t end well. The same goes for business. But we keep fighting and get better, smarter, stronger and more resilient.