Category Archives: Cognitive Security

With AI for Cybersecurity, We Are Raising the Bar for Smart

It’s hard to imagine something more frustrating to a runner than moving the finish line after the race has started. After all, how can you set a proper pace if the distance keeps changing? How will you know you’ve succeeded if the definition of success is in flux?

In a sense, that’s what has happened over the years in the field of artificial intelligence (AI). What would you call something that could add, subtract, multiply and divide large, complex numbers in an instant? You’d probably call it smart, right? Or what if it could memorize massive quantities of seemingly random data and recall it on the spot, in sequence, and never make a mistake? You might even interpret that sort of brain power as a sign of genius. But what exactly does it mean to be intelligent, anyway?

Now that calculators are included as default features on our phones and smartwatches, we don’t consider them to be particularly intelligent. We also have databases with seemingly infinite capacity at every turn, so we no longer view these abilities as indicative of some sort of higher intelligence, but rather as features of an ordinary, modern computer. The bottom line is that the bar for what is generally considered smart has moved — albeit far from the first time.

What Does It Mean to Be Intelligent?

There was a time when we thought that chess was such a complex game that only people with superior brain power could be champions. Surely, the ability to plot strategies, respond to an opponent’s moves and see many moves ahead with hundreds or even thousands of outcomes was proof of incredible intellect, right?

That was pretty much the case until 1997, when IBM’s Deep Blue computer beat grandmaster and world champion Gary Kasparov in a six-game match. Was Deep Blue intelligent even though the system couldn’t even read a newspaper? Surely, intelligence involved more than just being a chess savant. The bar for smart had moved.

Consider the ability to consume and comprehend huge stores of unstructured content written in a form that humans can read but computers struggle with due to the vagaries of normal expression, such as idioms, puns and other quirks of language. For example, saying, “it’s raining cats and dogs,” or that someone has “cold feet?” The former has nothing to do with animals and the latter is not a condition that can be remedied with wool socks.

What if a system could read this sort of information nonstop across a wide range of categories, never forget anything it reads and recall the facts relevant to a given clue with subsecond response time? What if it was so good at this exercise that it could beat the best in the world with more correct responses in less time? That would surely be the sign of a genius, wouldn’t it?

It would have been until, in 2011, IBM’s Watson computer beat two grand champions at the game of Jeopardy! while the world watched on live TV. Even so, was Watson intelligent, or just really good at a given task as its predecessors had been? The bar for smart had moved yet again.

Passing the Turing Test: Are We Near the Finish Line?

The gold standard for AI — proof that a machine is able to match or exceed human intelligence in its various forms by mimicking the human ability to discover, infer and reason — was established in 1950 by Alan Turing, widely considered the father of theoretical computer science and AI. The Turing Test involved having a person communicate with another human and a machine. If that person was unable to distinguish through written messages whether they were conversing with the other person or the computer, the computer would be considered intelligent.

This elegant test incorporated many elements of what we consider intelligence: natural language processing, general knowledge across a wide variety of subjects, flexibility and creativity, and a certain social intelligence that we all possess, but may take for granted in personal communications until we encounter a system that lacks it. Surely, a computer that can simulate human behavior and knowledge to the extent that a neutral observer could not tell difference would be the realization of the AI dream — finish line crossed.

That was the conventional wisdom until 2014, when a computer managed to fool 33 percent of evaluators into thinking they were talking to a 13-year old Ukrainian boy. Surely, this achievement would have convinced most people that AI was finally here now that a machine had passed the iconic Turing Test, right? Nope — you guessed it — the bar for smart had moved.

How AI for Cybersecurity Is Raising the Bar

Now, we have systems doing what was previously unthinkable, but there is still a sense that we’ve yet to see the full potential of AI for cybersecurity. The good news is that we now have systems like Watson that can do anything from recommending treatment for some of the most intractable cancer cases to detecting when your IT systems are under attack, by whom and to what extent. Watson for Cybersecurity can do the latter today by applying knowledge it has gleaned from reading millions of documents in unstructured form and applying that learning to the precise details of a particular IT environment. Better still, it does all this with the sort of speed even the most experienced security experts could only dream of.

Does it solve all the problems of a modern security operations center (SOC)? Of course not. We still need human intelligence and insight to guide the process, make sense of the results and devise appropriate responses that account for ethical dilemmas, legal considerations, business priorities and more. However, the ability to reduce the time for investigations from a few hours to a few minutes can be a game changer. There’s still much more to be done with AI for cybersecurity, but one thing’s for sure: We have, once again, raised the bar for smart.

The post With AI for Cybersecurity, We Are Raising the Bar for Smart appeared first on Security Intelligence.

How CISOs Can Facilitate the Advent of the Cognitive Enterprise

Just as organizations are getting more comfortable with leveraging the cloud, another wave of digital disruption is on the horizon: artificial intelligence (AI), and its ability to drive the cognitive enterprise.

In early 2019, the IBM Institute for Business Value (IBV) released a new report titled, “The Cognitive Enterprise: Reinventing your company with AI.” The report highlights key benefits and provides a roadmap to becoming a cognitively empowered enterprise, a term used to indicate an advanced digital enterprise that fully leverages data to drive operations and push its competitiveness to new heights.

Such a transformation is only possible with the extensive use of AI in business and technology platforms to continuously learn and adapt to market conditions and customer demand.

CISOs Are Key to Enabling the Cognitive Enterprise

The cognitive enterprise is an organization with an unprecedented level of convergence between technology, business processes and human capabilities, designed to achieve competitive advantage and differentiation.

To enable such a change, the organization will need to leverage more advanced technology platforms and must no longer be limited to dealing only with structured data. New, more powerful business platforms will enable a competitive advantage by combining data, unique workflows and expertise. Internal-facing platforms will drive more efficient operations while external-facing platforms will allow for increased cooperation and collaboration with business partners.

Yet these changes will also bring along new types of risks. In the case of the cognitive enterprise, many of the risks stem from the increased reliance on technology to power more advanced platforms — including AI and the internet of things (IoT) — and the need to work with a lot more data, whether it’s structured, unstructured, in large volume or shared with partners.

As the trusted adviser of the organization, the chief information security officer (CISO) has a strong role to play in enabling and securing the organization’s transformation toward:

  • Operational agility, powered in part by the use of new and advanced technologies, such as AI, 5G, blockchain, 3D printing and the IoT.

  • Data-driven decisions, supported by systems able to recognize and provide actionable insights based on both structured and unstructured data.

  • Fluid boundaries with multiple data flows going to a larger ecosystem of suppliers, customers and business partners. Data is expected to be shared and accessible to all relevant parties.

Shows relationship between data, processes, people, outside forces, and internal drivers (automation, blockchain, AI)Source: IBM Institute for Business Value (IBV) analysis.

Selection and Implementation of Business Platforms

Among the major tasks facing organizations embarking on this transformation is the need to choose and deploy new mega-systems, equivalent to the monumental task of switching enterprise resource planning (ERP) systems — or, in some cases, actually making the switch.

The choice of a new platform will impact many areas across the enterprise, including HR and capital allocation processes, in addition to the obvious impact on how the business delivers value via its product or service. Yet, as the IBM IBV report points out, the benefits can be significant. Leading organizations have been able to deliver higher revenues — as high as eight times the average — by adopting new business and technology platforms and fully leveraging all their data, both structured and unstructured.

That said, having large amounts of data doesn’t automatically translate into an empowered organization. As the report cautions, organizations can no longer simply “pour all their data into a data lake and expect everyone to go fishing.” The right digital platform choice can empower the organization to deliver enhanced profits or squeeze additional efficiency, but only if the data is accurate and can be readily accessed.

Once again, the CISO has an important role to play in ensuring the organization has considered all the implications of implementing a new system, so governance will be key.

Data Governance — When Security and Privacy Converge

For the organization to achieve the level of trust needed to power cognitive operations, the CISO will need to drive conversations and choices about the security and privacy of sensitive data flowing across the organization. Beyond the basic tenets of confidentiality, integrity and availability, the CISO will need to be fully engaged on data governance, ensuring data is accurate and trustworthy. For data to be trusted, the CISO will need to review and guarantee the data’s provenance and lineage. Yet the report mentions that, for now, fewer than half of organization had developed “a systemized approach to data curation,” so there is much progress to be made.

Organizations will need to balance larger amounts of data — several orders of magnitude larger — with greater access to this data by both humans and machines. They will also need to balance security with seamless customer and employee experiences. To handle this data governance challenge, CISOs must ensure the data flows with external partners are frictionless yet also provide security and privacy.

AI Can Enable Improved Cybersecurity

The benefits of AI aren’t limited to the business side of the organization. In 2016, IBM quickly recognized the benefits cognitive security could bring to organizations that leverage artificial intelligence in the cybersecurity domain. As attackers explore more advanced and more automated attacks, organizations simply cannot afford to rely on slow, manual processes to detect and respond to security incidents. Cognitive security will enable organizations to improve their ability to prevent and detect threats, as well as accelerate and automate responses.

Leveraging AI as part of a larger security automation and orchestration effort has clear benefits. The “2018 Cost of a Data Breach Study,” conducted by Ponemon Institute, found that security automation decreases the average total cost of a data breach by around $1.55 million. By leveraging AI, businesses can find threats up to 60 times faster than via manual investigations and reduce the amount of time spent analyzing each incident from one hour to less than one minute.

Successful Digital Transformation Starts at the Top

Whether your organization is ready to embark on the journey to becoming a cognitive enterprise or simply navigating through current digital disruption, the CISO is emerging as a central powerhouse of advice and strategy regarding data and technology, helping choose an approach that enables security and speed.

With the stakes so high — and rising — CISOs should get a head start on crafting their digital transformation roadmaps, and the IBM IBV report is a great place to begin.

The post How CISOs Can Facilitate the Advent of the Cognitive Enterprise appeared first on Security Intelligence.