How Machine Learning Plays a Critical Role in Cybersecurity’s Future

Contributed by: Tim Mullahy, Executive Vice President and Managing Director at Liberty Center One, a new breed of data center located in Royal Oak, MI. Tim has a demonstrated history of working in the information technology and services industry.

Machine learning has a part to play in cyber security. It would not be an exaggeration to claim that it’s already fundamentally changing how we protect our networks and data and that it will continue to do so moving forward. 

There’s a lot of doom and gloom in the media where artificial intelligence (AI) is concerned. Automation will result in massive job losses, we’re told. We’re fast approaching a singularity where humans will be rendered obsolete, replaced across multiple industries by unfeeling machines.

It’s all nonsense. As noted by Smart Data Collective, artificial intelligence is nowhere close to the point where it can replace human intelligence. It might never get there. Machines cannot, for instance, think critically. Even the most advanced artificial intelligence platform cannot adequately replicate our capacity for extrapolation and intuition. There is no such thing as a ‘gut feeling’ where AI is concerned – something either is or it isn’t. Machines are also incapable of true creativity. They cannot formulate strategies without human input, nor can they dream up new scenarios based on imagination alone. They are limited to the data they have been given. Nothing more, nothing less.

That isn’t to say there’s no value in artificial intelligence. Quite the contrary, in fact. Hype and anxiety aside, machine learning actually has a critical role to play in the future of cybersecurity.

Hype and anxiety aside, machine learning actually has a critical role to play in the future of cybersecurity.

Picture your typical cybersecurity team. Even with skilled professionals, it cannot direct its attention everywhere at once. It cannot sift through the countless gigabytes of data generated by even a small-scale organization.

That’s where artificial intelligence comes in. With a bit of human guidance, an AI can function as something of a “digital immune system” for an organization. By being fed data on typical operations, it can establish a baseline for what’s ‘normal’ within a network. 

Any network or user activity that falls outside of that baseline can then be immediately flagged, alerting the human IT professionals and allowing them to determine whether or not action should be taken. As the system becomes more formidable and learns more about the network, it could eventually begin to “judge” whether or not a particular activity constitutes a vulnerability or attack. The humans operating the system could then configure it to automatically shut down certain flagged behaviors, allowing them to focus their attentions elsewhere.

In short, machine learning equips businesses with the capacity for a more proactive approach to threat detection and mitigation. 

Of course, it’s important to consider the other side of the coin here, as well. Just as cyber security professionals can leverage machine learning to protect their networks, criminals can leverage similar platforms to attack them.

“Though many machine learning tools have already shown promising results in providing defense, researchers almost unanimously warn about the ways attackers have begun to adopt machine learning techniques themselves,” reads a piece on tech publication Wired Magazine.

“Examples already exist in the wild, like hacking tools that use machine vision to defeat Captchas  … if attackers can figure out how an algorithm is set up or where it draws its training data from, they can figure out ways to introduce misleading data that builds a counter-narrative about what content or traffic is legitimate versus malicious.” 

In this way, artificial intelligence represents just one more stage in the endless arms race between businesses and cyber criminals. Machine learning platforms will inevitably allow businesses to take a more complete, consistent approach to guarding themselves against external attack, internal bad actors, and malware. 

At the same time, it’s important to remember that machine learning isn’t a holy grail – just as it’s important to remember that the driving force behind its evolution is neither data nor software.

It is, and always will be, humans.