IBM Watson Fights Real-Time Cyber Crime

Uploaded on 2016-12-14 in GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, NEWS-Cybersecurity News, TECHNOLOGY-Key Areas-Artificial Intelligence, TECHNOLOGY--Developments

You may know Watson as IBM’s Jeopardy-winning, cookbook-writing, dress-designing, weather-predicting supercomputer-of-all trades. Now it’s embarking on its biggest challenge yet: Preventing cybercrime in finance, healthcare, and other fields.

Starting early December, 40 organizations will begin to rely upon the clever computers cognitive power to help spot cybercrime. The Watson for Cybersecurity beta program helps IBM too, because Watson’s real-world experience will help it hone its skills and work within specific industries. After all, the threats that keep security experts at Sun Life Financial up at night differ from those that spook the cyber-sleuths at University of New Brunswick.

Watson isn’t starting from scratch here. IBM researchers started training Watson in the fundamentals of cybersecurity last spring so the computer could begin to analyse and prevent threats. Now it graduates to real-world situations to further hone its skills. Think of it as the world’s smartest intern.

Ransomware

The computer’s done a lot of cramming since May. Cyberspace is vast, and the more of it Watson recognizes and understands, the more effectively it can discern the difference between benign threats and real problems. Watson’s great skill isn’t the ability to comb through huge amounts of information (though it does that too), it’s the ability to contextualize that information by combining structured data such as specific security events with unstructured data like white papers, research reports, and blog posts.

“Cognitive computing is 30-40% faster than traditional rule-based systems,” says Forrester Research analyst Andras Cser, who adds that cognitive systems like Watson also result in fewer false positives. Because it learns as it goes, it doesn’t repeat the same mistakes.

Before it could do that, though, Watson needed to study. Researchers fed Watson up to 15,000 documents each month through the fall, linking it to libraries and news feeds in real-time to keep its knowledge base current. Volume, too, is only half the battle; Watson must understand what words mean before it can know how they relate.

Take “ransomware.” You might know it as an increasingly prevalent type of hack that holds computers and systems hostage until the victim pays up. For a while Watson, thought it was a place.

When IBM researchers annotated “ransomware” documents with a definition, Watson finally understood that his teachers aren’t obsessed with some far-flung metropolis.

It’s a fun anecdote that illustrates the challenges and opportunities of bringing Watson up to speed. What it doesn’t know, it can use context to guess. If it guesses wrong, it can learn. And once it learns, it never forgets. Which is where the beta program comes in.

Dialect Coach

Now, Watson’s beta isn’t like the kind you associate with consumer software.

“In a regular development project, you assign a testing matrix and go through testing to see how it deals with the tests,” says Barlow. “In this case, it’s much more like human learning. There are things it can do in grade school, things it can do in high school, things it can do when it goes off to college, and things it can do when it’s had a lot of experience in the industry. Watson will follow a very similar journey.”

In other words, Watson currently understands the fundamentals of security. Now it must learn the specific vernacular that peppers various use cases. “The language of security in the healthcare industry is probably completely different than the language of security in the energy sector,” says Barlow.

During the beta, Watson will embed with a few dozen companies and provide their security analysts with reports and recommendations. Specifically, Watson can identify whether a security event is associated with known malware and provide relevant background, as well as identify suspicious user behavior. Also think of password entry; are repeated failed attempts an absentminded user, or an attempted break-in?

Watson doesn’t replace humans, but rather helps make them faster and more comprehensive in their response. IBM research shows that security teams sift through an average of 200,000 potentially significant events per day; a computer that prioritizes those events and reveals how they fit into the broader security climate saves worlds of time.

And in the process, save companies, and their customers, from potentially crippling threats. Not a bad learning curve for a computer that until recently was looking for ransomware on a map.

Wired:           IBM’s Watson Will Use AI To Treat Cancer:

 

 

« Behavior Analytics Tools For Cyber-Security
Cyber Police Stations Across India »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

File Centre

File Centre

File Centre is a leading specialist when it comes to data backup, we offer our clients a premium backup retrieval and delivery solution.

Logsign

Logsign

Logsign is a Security Orchestration, Automation and Response (SOAR) platform with next-gen Security Information and Event Management (SIEM) solution.

TI Safe

TI Safe

TI Safe provide cybersecurity solutions for industrial networks of main critical infrastructures in Latin America.

Cryptsoft

Cryptsoft

Cryptsoft provides key management and security software development toolkits based around open standards such as OASIS KMIP and PKCS#11.

Coalition

Coalition

Coalition combines comprehensive insurance and proprietary security tools to help businesses manage and mitigate cyber risk.

HorizonIQ

HorizonIQ

HorizonIQ (formerly Internap Corp / INAP) maximizes efficiency and innovation with flexible infrastructure solutions.

Leadcomm

Leadcomm

Leadcomm is a Brazilian company focused on the distribution and integration of IT systems and security solutions for large companies.

Blockchain Research Institute (BRI)

Blockchain Research Institute (BRI)

Blockchain Research Institute (BRI) is an independent, global think-tank. We bring together the world’s top global researchers to undertake ground-breaking research on blockchain technology.

OXO Cybersecurity Lab

OXO Cybersecurity Lab

OXO Cybersecurity Lab is the first dedicated cybersecurity incubator in the Central & Eastern Europe region.

Baker Donelson

Baker Donelson

Baker Donelson is a law firm with a team of more than 700 attorneys and advisors representing more than 30 practice areas including Data Protection, Privacy and Cybersecurity.

10dot Cloud Security

10dot Cloud Security

10dot Cloud Security is a security service management company. Our solutions give you contextualised visibility into your network security.

Neosec

Neosec

We’re reinventing API security. Understanding behavior requires data, analytics, and intelligence. Neosec brings XDR techniques to application security.

Creative ITC

Creative ITC

Creative ITC is a leading infrastructure and cloud enablement company. We design and deliver exceptional managed services and cloud solutions.

Aunalytics

Aunalytics

Aunalytics is a data platform company that delivers insights as a service to answer your most important IT and business questions.

Lansafe

Lansafe

Lansafe stands as a leading managed service provider in the UK, seamlessly integrating IT, Telecoms, Security, Electrical and Cyber Security solutions.

Zyxel Networks

Zyxel Networks

Zyxel Networks is a leading provider of secure, AI-powered networking solutions for small to medium businesses (SMBs) and the enterprise edge.