Published
October 27, 2020
The applications of artificial intelligence (AI) have become ubiquitous over the last decade, transforming the way we work, play, and interact with the world. AI systems recommend what you should watch on Netflix, recognize your biometric data for authentication, and assist you during “live” chats with customer service. These examples highlight common applications of AI systems, but AI can also promote security in our data and systems.
The U.S. Chamber of Commerce’s Cyber, Intelligence, and Supply Chain Security Division hosted a discussion today on the applications of AI in cybersecurity during its Now+Next webinar series, and dove into how businesses can leverage AI in their security efforts.
“Humans are great at intuition and creativity. The challenge in cyber is that you sometimes have very subtle signals pointing to anomalies, and you must move beyond human scale to see that drift from normality in complex enterprises. Moreover, you must understand those subtle signals and respond to them at machine speed. This is where the power of AI potentially provides the most value,” said Albert Biketi, Vice President, Security Business at Splunk.
Defining AI
“AI is the ability for machines and technology to take on tasks and services that would normally require humans,” said Caesar Nieves, Senior Vice President and General Manager for Cyber at Jacobs.
The rapid expansion of AI can be attributed to multiple technological developments coming together simultaneously. Innovations in computing power, storage, and network access have improved our ability to maintain and use data in volumes not previously possible. AI systems leverage these computing advancements in conjunction with algorithms or rules to find patterns in data, derive insights, and act without being directed by humans.
Applying intelligent systems to cybersecurity
In 2016, the Defense Advanced Research and Development Agency (DARPA) hosted a Cyber Grand Challenge where teams developed cyber reasoning systems that could identify software flaws, formulate patches, and deploy them in real-time. This was a remarkable feat and showcased the effectiveness of AI systems at supporting security efforts.
However, other use cases exist for the application of AI in cybersecurity including detecting malware, automated incident reporting, root-cause analysis, and network monitoring to track user activity. Network monitoring tools can build profiles of typical behavior and then detect anomalies, which are particularly useful in identifying phishing attacks.
“Operationally, we are under cyberattack every second, and AI allows us to target malicious code and other intrusions at scale to achieve faster decision-making versus attempting manual triage,” added Caesar.
Augmenting the cyber workforce through AI
While AI systems support cybersecurity by enabling prevention or detection and resolution of threats, they should not be considered the panacea to all cybersecurity problems.
“Does it replace humans as we go forward? Certainly, it does in a certain aspect. But, there’s always that human element on the end that helps drive the conclusions,” said Caesar, adding that the importance of embracing young talent from the science, technology, engineering, and math fields cannot be understated for organizations seeking to leverage AI.
Albert noted that one of the top three problems that he has seen chief information security officers facing each year is adequate staffing for skilled roles. If implemented properly, AI can enhance productivity but people will remain a critical component of the process for the foreseeable future.
“Intellectual vigilance is required. It’s tempting to become overly reliant on new technologies without questioning what you trade off for the benefits. We’ve seen evidence of AI applications demonstrating skewed results and anti-patterns in terms of the outcomes that you should be driving as a society or even as a business. For example, it was in the news a few years ago that a major tech company discovered its resume review system didn’t rate women fairly and stopped using the system. People need to look at these technologies with very clear scoped outcomes in mind and a sense of oversight regarding how these technologies are applied or audited,” added Albert.
The future of policies for AI in cybersecurity
Last year, the Chamber outlined its artificial intelligence principles addressing the importance of making government data open and accessible and the need for investment in AI research and development. In addition, the Cyberspace Solarium Commission recently called for legislation to increase information sharing between the public and private sectors. At the nexus of these two initiatives, the government and private sector must think critically about how data can be shared in ways that maintain security, promote international alignment, and enable more robust AI solutions that capitalize upon the large swaths of data.
Join the conversation on cybersecurity as the U.S. Chamber concludes its Now+Next series with Logistical Challenges of Vaccine Distribution and a talk on Sandworm and the NotPetya attacks.
Jimmy L. Housley, a U.S. Marine Corps major, is a Command of the Marine Corps Fellow at the U.S. Chamber of Commerce. The views expressed herein are those of the author and do not reflect the official policy or position of the U.S. Marine Corps, Department of the Navy, U.S. Department of Defense, or the U.S. Government.
About the authors
Jimmy Housley
Housley serves as a Commandant of the Marine Corps Fellow at the U.S. Chamber of Commerce, where he conducts research, analysis, and project management support.
