Intelligent CISO Issue 13 | Page 38

FEATURE Machine Learning, Deep Learning is highly dependent on matching the right problems to the right tools. Deep Learning applications are best suited in the image processing and natural language processing fields. In cybersecurity, it has found a home in packet stream and malware binary analysis. These benefit most from supervised learning, when labelled (i.e. legitimate vs. malicious) data is available. But for insider threat detection, DL doesn’t enjoy wide adoption for several technical reasons. One is the black box nature of the model, where it’s impossible to explain the causes of the alerts. This renders investigations difficult. Machine Learning Machine learning is often expressed in the same breath as AI, but ML is more specific. To learn from collected data, it uses algorithms for prediction, classification and insight generation. With Machine Learning, a formal body of methods are grounded in solid mathematical foundations. Applied to cybersecurity, the right problems must be matched with the right ML tools. But not all problems require advanced ML tools. For example, some popular 38 indicators used in user behaviour analytics (UBA) are based on simple statistical analysis, such as p-value hypothesis testing used for rare event detection. On the other hand, many cybersecurity problems cannot be solved without Machine Learning. Consider phishing scam domain detection. In this instance, the URLs, WHOIS data, other properties, as well as the known (legitimate or malicious) labels of URLs are examined in a supervised learning setting to predict whether a domain is malicious. It does so without resorting to conventional, but less effective, blacklist- based matching. Keeping users’ data secure in an AI system Peer behind the messaging and examine what’s under the hood Artificial Intelligence (AI) solutions are transforming customer expectations when interacting with digital systems. These intelligent technologies provide automated 24–7 access to information and services across multiple channels, which in turn enables businesses to expand their offerings and provide a more compelling user experience, without increasing their overhead expenses. The cybersecurity marketplace is buzzing with AI and ML terminology. This isn’t surprising as data-driven approaches do lead to exciting applications that were never possible before. That said, it’s all too easy to get confused and thus, lost in the hype. It’s important to question what the problems or use cases being framed are and which analytical approaches are being used and why. Transparency and a thorough understanding of the terms and their use cases will help you demystify the hype. JOE MICHAEL, SOLUTIONS ARCHITECT AT IPSOFT, offers detailed insight on the steps that enterprises can take to increase the security of customer data within their AI systems. However, while these systems present massive opportunities for organisations to completely revolutionise the way that their customers and employees interact with their digital services, assuring the security and privacy of users’ Issue 13 |