Predictions Series 2022: Top AI-based Cybersecurity Trends to Secure Your Enterprise
Welcome to our Predictions Series 2022. Today, we are discussing the top AI-based cybersecurity trends that could revolutionize the global economy around Artificial Intelligence, Predictive Analytics, and other emerging technologies in the upcoming year.
Today, we are hosting insights from Dr. Karen Panetta, IEEE Fellow. Dr. Karen Panetta is the Dean of Graduate Education for the School of Engineering and a professor of electrical and computer engineering at Tufts University. She is a prolific inventor changing lives through her pioneering approaches to solve society’s greatest challenges using technology.
Hi Dr. Karen, please tell us if AI is more effective as a tool to prepare for, prevent, or respond to cyber-attacks?
AI can help assist in many ways. It has the capacity to investigate massive quantities of data from disparate sources, such as blogs, news and scholarly publications, to ensure known security gaps are closed quickly and anticipate the methods and trends being used by attackers. Humans alone can’t possibly look at all the scenarios and need assistance using automated methods that can alert them to suspect behavior or bring attention to unexplainable anomalies. AI can also do risk analysis and be trained to recognize malicious IP addresses. The downside is that, while AI is being used to assist humans, cybercriminals are also using it to help discover gaps in security systems and vulnerable systems that have not updated their security protocols to be compliant when new threats are discovered and publicized.
Are AI-based cybersecurity solutions generalized or tailored to specific industries?
(Healthcare vs. industrial manufacturing, for example)
Each business has different needs, but there are underlying common foundational functions focused on preventing unauthorized access, ensuring the privacy of information, and performing rigorous authentication for financial transactions. In health care, for instance, it’s important that medical records of patients are not distributed via unprotected channels, and for a financial institution, it’s important to ensure false accounts are not established via identity theft. Examples we have seen include theft of tax returns or stimulus checks and false unemployment benefit claims. For factory automation, where there are many IoT devices that are connected wirelessly, it is important that no particular device opens a vulnerability that could interrupt manufacturing or provide backdoor access to the larger system that could lead to an organization being held “ransom.”
What are some ways that AI is already enhancing companies’ cybersecurity efforts?
Companies are looking at data from different perspectives based on their clients’ behaviors. For instance, if you never travel, but your credit card shows activity outside of your normal shopping areas, then you may receive an alert, and your card may block the transaction until you confirm that you did make that purchase.
AI is customizing the service based on specific user behaviors.
How mature are AI-based cybersecurity solutions?
These systems are getting much better, but they are still not fully autonomous and need humans who truly understand how to interpret the data and results. The field of AI is still in its infancy concerning the explainability and observability of the results from AI systems.
For instance, how did the AI arrive at a final decision? Is it producing intermediate data features and relationships that we can observe that may help us better understand the cause-effect relationships in new ways?
Can you explain how some of these tools work?
These tools work by using deep-learning networks (neural networks) that are trained on massive amounts of data and then tested for known kinds of scenarios. They look at process flows and use statistical analysis to look at network traffic, the kinds of network traffic, requests and who, where these requests are coming from.
How are emerging technologies optimizing AI-based cybersecurity solutions?
IoT sensors are collecting data from inside and outside businesses and organizations in addition to data being gathered from our online activities and public databases. There is so much data available, and cloud technologies are instrumental in helping process all this data, but we are learning that data needs to be curated and annotated to be effectively used to train and optimize AI systems.
What is the Holy Grail of AI-based solutions in enterprise cybersecurity, and what will it take to get there?
Right now, AI systems are doing well at automating repetitive tasks and process flow checks to reduce human intervention. Still, when it comes to cybersecurity, the name of the game is discovering security threats, monitoring activity for suspicious behaviors and anomalies. This is a fluid dynamic process and AI of the future will need to learn more from other fields like psychology and social sciences to anticipate the mindset of cybercriminals and correlate these concepts to how they can be used to prey on populations or use data to conduct cybercrimes.
Are there any misunderstandings around AI’s use in cybersecurity that you would like to clear up?
Too many people think that AI is the definitive all-knowing expert that knows more than its counterpart human experts.
This is not true.
AI requires significant training data, and it may never capture aspects of the expertise of the human that has vast experience working with the data. If a system is not trained and misclassifies data, we need to have the sense to question the results and understand how the AI arrived at this decision, rather than having blind trust in it. The intermediate step before we arrive at fully trustworthy AI is to have it partner with the human when it doesn’t know with confidence what the outcome should be and have the human augment the data with their expertise.