Using AI and ML in cybersecurity solutions has great potential for improving security as long as they use accurate and clean data. Unfortunately, it is dangerous to rely on a single algorithm, or data set to take care of the entire security of the system. In the event of a compromise, either on the algorithm or the training data sets, it becomes impossible to identify and flag the malicious code or activities.
For instance, a hacker with access to a security company’s system can corrupt the training data by switching the labels such as tagging malware code as clean code. Alternatively, instead of altering the data, they can simply remove or modify the code that a model uses to flag malware. This makes it harder for the algorithm to catch the malicious code.
The best practice is to use several algorithms with different trigger points. For example, a security product such as the Microsoft Windows Defender, rely on a diverse set of algorithms. These have different features as well as training data sets. If an attacker compromises one algorithm or training data set, the remaining clean models will flag this malicious activity.
Future of artificial intelligence in cybersecurity
Although security companies can still provide solutions without AI, this is going to be a critical component that is likely to be part of all future products. Most of the large technology companies, security providers and AI start-ups are working on various ways to incorporate AI into their solutions. While some established companies are opting to start from scratch, others are acquiring AI start-ups instead.
Major companies using AI and ML in cybersecurity
Below are some technology companies that are embracing Al and ML.
- Google, Amazon, Microsoft, and others are already investing in AI to strengthen their cybersecurity. For example, Alphabet, the company that owns Google, has a new unit, the Chronicle, which is incorporating AI to provide better security for the organization’ systems. Also, IBM is integrating AI into their Big Blue Watson security system. Combining cloud computing, AI and data analytics, the supercomputer provides a comprehensive repository for cybersecurity professionals and vendors.
- Security companies such as Cisco Systems, Palo Alto Networks, and Fortinet are developing AI tools that will help them enhance the protection that their products provide. Fortinet has a web application firewall that is already using AI tools to detect and respond to attacks.
- Several AI start-ups are providing cybersecurity products that can spot and block attacks better than traditional technologies. In fact, some the start-ups such as CrowdStrike, Vectra Networks, Cylance, Darktrace, and others are already taking away the customers from the traditional security industry players.
Artificial intelligence and machine learning provide a better way of addressing current and future cybersecurity issues. Although these technologies are still in their infancy, they have great potential in the near future.
However, security companies must also realize that criminals can still use AI to get insights into the security systems and take advantage of vulnerabilities better than when using traditional means.