AI is the only option in the future of cyber security – Ericsson
The cybersecurity wars of the future will be fought by good artificial intelligence (AI) bots and bad ones, with the rest of us just watching to see who wins, writes Telecoms.com (Banking Technology‘s sister publication).
That’s the future according to Jason Hoffman, Ericsson’s VP of cloud infrastructure. It isn’t quite as dark as the world being taking over by robots or sentient beings, but it’s a very realistic possibility due to the vast complications and workloads which will soon be placed on security teams.
“Ironically and unfortunately, some of the people who are becoming most advanced when it comes to AI in the security world are the ones on the offensive,” says Hoffman. “These are the cyber criminals, and one of the only ways to combat these guys will be to escalate defences to be built around AI.”
It’s a world which pits computer against computer, where Darwinism has taken a twist. The definition of “fittest” moves away from strength and into the sphere of the intellectuals. But this is the end of the story, not the beginning.
At the beginning, where we are right now, there is a shift in the security paradigm. In the first instance, its due to the way infrastructure is purchased and managed. In years gone, buying and securing infrastructure was relatively simple. You bought the hardware and set up restrictions surrounding the software do define who could access sensitive areas. The introduction of cloud computing has increased accessibility, and therefore the way in which we make our life secure.
One of the most attractive principles of cloud computing is the ease to scale and consume. On the operational side, this is a game changer, but for security it becomes a much more complicated task. The security paradigm has been permanently altered, as more people are now able to access sensitive areas of the machine.
If one objective is to remove the threat of malicious insiders, the task has become more complex, as the ease of consumption has multiplied the number of potential malicious insiders vastly. Restrictions have to be opened up to create the cloud business model and move towards a DevOps mindset, but this involves a much more comprehensive security and governance model to be put in place, which most organisations do not currently have.
Another complication is the means the shift in how infrastructure is managed. Previously, hardware has been bought, it is secured in the warehouse and then shipped to the customer. It was secure until it had served its purpose and ultimately replaced. Hoffman highlighted that a continuous stream of software updates now mean the system is only as secure as it was the last time you checked. Every update is a potential weak link in the perimeter, which again, organizations are not prepared for. It involves a complete rethink of how supply chain assurance is managed.
In both these instances, the data which needs to be managed to ensure security is far too vast for any human to consider. From Hoffman’s perspective, the only option is a machine learning algorithm, which understands what would be considered normal performance from each component, and constantly monitors for the anomalies. Here, AI is aiding the security professionals by finding the leak and then alerting, but it won’t be long before AI is the leading player.
The real complication will come when the use of AI by cyber criminals becomes more mainstream. It would be naive to think AI will only be used for good, and you can almost guarantee there are countless AI algorithms being developed to probe an organisations perimeter, searching for a means to penetrate security features. As machine learning takes hold and the algorithms become more sophisticated, the threat of a breach could turn into reality in the blink of an eye as the superior power of a computer takes advantage of any weakness before a human has even hit the keyboard.
It’s very doom and gloom, but it’s realistic. We currently do not have the manpower to ensure organisations and their networks are secure 100% all of the time, as new cloud-based infrastructure is added with ease, and the old is undated at a mind-boggling pace. Diagnostics will have to be done by the computers, as will updates to ensure the pace of positive change is matching the threat.
Cyber criminals will exploit the human assumption of security. Most people have a trusting nature to them, assuming official updates would have been thoroughly tested and completely secure. A machine, however, will remove the risk of assumption.
“As with any stage of evolution, you have to be prepared to hand away an element of control,” says Hoffman. “We are getting towards a point where AI will be the only form of defence, but will we as humans be prepared to hand over that control?”
In the cyber war which is brewing on the horizon, we might well just be spectators.