In 2018 there were around 10.5 billion malware attacks. We can start wondering if it’s not too much for humans to handle.
Cyberattacks are getting more and more common and sophisticated also in critical infrastructure systems. According to the Department of Homeland Security, there is a 383% increase in cyberattacks against critical infrastructure. It can be a precursor of thinking about AI as the protection of critical infrastructure systems to save people from damage.
Machine learning can do fine work. Cybersecurity systems generate lots of data, and machine learning can quickly scan large amounts of data and analyze it using statistics. Machine learning is increasingly being used to expose threats and break them before they could do damage. A huge advantage of AI is scale. Specialists can perform the previous testing against cyber attackers using machine learning the same way an attacker may, and then they can track potential threats on a scale that humans are not able to. AI can be used to learn patterns and find breaches.
According to the publication “BENEFIT FROM AI IN CYBERSECURITY” in 2016, US$3.1 billion was invested in 279 cybersecurity startups, AI and machine learning ideas were the top investments.
There is a prediction that machine learning investments in cybersecurity will reach up to US$96 billion by 2021.
Companies are using more advanced machine learning models to protect against more “fancy” threats. Private sector businesses and corporations and even governments are using AI technology. AI can save time and money by using structured data quickly, and reading and learning unstructured data, statistics, words, or phrases.
For example, Darktrace uses machine learning algorithms to spot patterns and identify potential cyber criminality in sectors like energy, manufacturing, retail, and transportation.
Comae develops endpoint detection and response software to find threats to business applications.
MIT’s Computer Science and Artificial Intelligence Lab uses machine learning to analyze data and cybersecurity threats to be able to view 100-200 items per day only, compared to the tens of thousands of items that cybersecurity analysts usually have on a daily basis.
Microsoft's Windows Defender is software that employs multiple layers of machine learning to identify and block recognized threats.
SQRRL has designed a cyber-threat hunting platform that searches through networks to find code that could avoid security measures by using machine learning to turn data points into a behavior map, which acts as a visual representation of a computer network and presents where threats could happen.
Chronicle with the product Backstory analyzes huge amounts of security data (internal network activity, or suspected malware) and uses machine learning to make them more easily digestible insights.
DEMISTO has a security platform that specializes in security orchestration, automation, and response and helps larger companies coordinate security threat response efforts. Demisto uses machine learning to prioritize those alerts.
BLACKBERRY develops cybersecurity solutions that use AI and machine learning to prevent cybersecurity threats and automate customers’ threat response capabilities.
Splunk software has products like Splunk Enterprise Security and Splunk User Behavior Analytics that use machine learning to detect threats so they can be quickly eliminated. They also have a variety of applications, such as IT operations, analytics, and cybersecurity.
The advantages of artificial intelligence in cyber security are clear. Machine Learning helps improve how security experts analyze, study, and understand cybercrime. It strengthens cyber security technologies and helps organizations and customers stay safe from cybercrimes. AI lowers the cost and makes organizations faster at reacting to breaches.
On the other hand, we can also find some disadvantages of artificial intelligence. It can be very resource intensive and it may not be practical in all applications. What’s important, it also can be used by cybercriminals to improve their cyberattacks and hackers can adjust to AI systems so the specialist will need to find new remedies.
AI is unable to totally replace human decision-making to protect companies from cyberattacks but for sure AI can greatly improve the processes.