AI on the Frontline of Cyber Threats
In the annals of cyber warfare, the ability to use machine learning to detect and thwart threat actors will go down as a watershed event.
BY RUSS BANHAM
With a huge magnitude of data flowing across the network and an equal magnitude of threats to scour for, security experts shoulder the burden of hunting for anomalies that could indicate the presence of an outsider.
But not everything that looks suspicious actually is suspicious. Compounding security experts’ already daunting challenge of monitoring thousands of malware variants and malicious URLs is that traditional intrusion detection systems often aim the searchlights at too many potential suspects. (For example, the employee who is on the network to print birthday invitations late at night.)
“Just because a behavior is anomalous doesn’t mean it’s malicious, but at least a security analyst can gain more evidence to this effect,” explains Jon Ramsey, chief technology officer at Secureworks, an information security services provider that protects customer networks, computers, and information assets. In other words, machine learning narrows the field to the most likely threats. “Now a more in-depth investigation can begin.”
ILLUSTRATIONS BY KEITH NEGLEY