October 28, 2020
Vice President, Security Business, Splunk
Director, Project on AI Governance & Senior Fellow, Center for Strategic and International Studies (CSIS)
Operations Manager, Director and Data Scientists for Cyber, Jacobs Engineering
Cybersecurity Policy Officer, DG CONNECT, European
Vice President, Cyber Policy and Operations, U.S. Chamber of Commerce
At its core, the role of artificial intelligence (AI) is to collect data, identify patterns and act upon those findings. AI has already been integrated into countless business and consumer technologies that are helping us streamline our work and our lives, from scheduling meetings and sorting emails to managing households and recommending what to watch on Netflix.
As AI continues to grow in adoption and importance, we must think about this technology in a cybersecurity context — how can we protect ourselves and prevent cyber attacks as AI becomes more advanced?
“AI holds great promise to provide solutions for mankind, yet from a cybersecurity perspective, AI can be both a blessing and a curse,” said Gaurav Keerthi, deputy chief executive officer at Cyber Security Agency of Singapore.
To address these pressing issues, the U.S. Chamber of Commerce Foundation recently dedicated an edition of our Now+Next series to artificial intelligence in cybersecurity. Our panel of experts discussed the importance of using AI in cybersecurity and how businesses can leverage advanced tools to monitor and respond to cyber incidents.
Machine Learning Gets Knowledge From Data, While Other Forms of Artificial Intelligence Are Programmed by Humans
Often people use the terms “AI” and “machine learning” interchangeably, but they are actually two different concepts. Machine learning is a subcategory of artificial intelligence, which is an umbrella term for “any system that can perform capabilities that typically require human intelligence,” said Greg Allen, chief of strategy and communications for the U.S. Department of Defense.
The distinction between machine learning AI and handcrafted knowledge AI is how they receive their knowledge, Allen explained.
“In the case of machine learning, it's learning from data,” he added. “In the case of handcrafted knowledge, it's programmed rules given by human experts.”
Social Engineering Attacks May Worsen When We Can’t Differentiate Humans from Artificial Intelligence
Social engineering is a form of cyberattack that leverages artificial intelligence to manipulate and influence a person’s or society’s behavior. According to panelist Charles Ramsay, operations manager, director and data scientist for cyber at Jacobs Engineering, 85% of cyberattacks in 2019 were social engineering.
Ramsay explained that the biggest threat from social engineering will come in a few years when we cannot differentiate humans from AI.
“It used to be simply you read a phishing email and you click on the wrong link, and you're infected, and now your company's infected, and that impacts business,” Ramsey stated. “But imagine where in three to five years … we can't discern from a human and a machine online.”
There Is a Massive Shortage in Cybersecurity Skills
One of the biggest issues facing the cybersecurity community is that there simply aren't enough skilled cyber workers to keep up with the advancement of technology. Organizations need to make investments to increase their workforce as their responsibilities continue to increase.
The counter to this shortage is to leverage AI to take on assignments too labor-intensive for analysts. Albert Biketi, vice president of security business for Splunk, noted how, by reducing false positives, we can rely more on AI for these jobs that require cyber skills.
“There's a high ratio of false positives ... in data and in signals,” Biketi said. “To the extent that you can minimize that through the application of machine logic that accelerates the filtering, that is a big win because these analysts with very limited amounts of time and often a lot of turnover … can focus on the problem and be more productive with less resources.”
Governments Should Aim to Develop a ‘Culture of Cybersecurity by Design’
While businesses have a responsibility to support strong cybersecurity initiatives, governments have an important role to play as well. Ioannis Askoxylakis, cybersecurity policy officer at DG CONNECT, European Commission, noted that a key priority of the European Union (EU) is to ensure the protection and resilience of critical infrastructures, both in the physical and digital world. To that end, he discussed some EU initiatives, including the “EU Cyber Security Blueprint,” a recommendation for a coordinated response to large-scale, cross-border cybersecurity attacks, especially in the AI era.
“In the long term, we want to develop a culture of cybersecurity by design for all products, services and processes, and the EU Cybersecurity Act and Cybersecurity Certification [framework] has an important role to play in this direction,” Askoxylakis said.
From the Series