Your Next Security Analyst Will Probably Be A Computer

Watson, IBM's artificial intelligence computer, is capable of "learning" as it operates.

Advances in artificial intelligence and robotics are now making it possible for humans and machines to work side-by-side.

Cybersecurity requires a specialized skillset and a lot of manual work. We depend on the knowledge of our security analysts to recognize and stop threats. To do their work, they need information. Some of that information can be found internally in device logs, network metadata or scan results.

Analysts may also look outside the organization at threat intelligence feeds, security blogs, social media sites, threat reports and other resources for information. This takes a lot of time.

Security analysts are expensive resources. In many organizations, they are overwhelmed with work. Alerts are triaged, so that only the most serious get worked. Many alerts don’t get worked at all. That means that some security incidents are never investigated, leaving gaps in threat detection.

This is not new information for security pros. They get reminded of every time they read an industry news article, attend a security conference or listen to a vendor presentation. We know there are not enough trained security professionals available to fill the open positions.

Since the start of the Industrial Revolution, we have strived to find technical answers to our labor problems. Much manual labor was replaced with machines, making production faster and more efficient.

Advances in artificial intelligence and robotics are now making it possible for humans and machines to work side-by-side. This is happening now on factory floors all over the world. Now, it’s coming to a new production facility, the security operations center (SOC).

IBM has announced a new initiative to use their cognitive computing technology, Watson, for cybersecurity. Watson for Cyber Security promises to give security analysts a new resource for detecting, investigating and responding to security threats.

Once Watson learns the language and nuance of cybersecurity, it could become a very intelligent security analyst, giving security teams an advantage against the attackers targeting them. Up to now, the attackers have had all the advantages. As the security cliché goes, “The attacker only has to be right once, we have to be right 100% of the time.”

This may be a turning point for cybersecurity. Human security analysts are the bottleneck in security operations. Even with improvements in security analytics technologies for threat detection, analysts are still overwhelmed with alerts and data. Cognitive Security (IBM’s term for the use of cognitive computing in security) and emerging automation technologies will help to alleviate the bottleneck. In time, once they are proven successful, we may even start trusting the machines to make security decisions on their own. 

Information-Management: 

« Artificial Intelligence And Racism
Has The Cyber ‘Pearl Harbor’ Already Happened? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

FREE eBook: Practical Guide To Optimizing Your Cloud Deployments

AWS Marketplace eBook: Optimizing your cloud deployments to accelerate cloud activities, reduce costs, and improve customer experience.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Free Access: Cyber Security Supplier Directory listing 5,000+ specialist service providers.

Serbus Group

Serbus Group

For over a decade, Serbus has provided clients with the most secure mobile communication tools that offer top level security, threat-protection, and compliancy.

Sigma Payment Solutions

Sigma Payment Solutions

Sigma Payment Solutions offers a comprehensive suite of automated payment processing services, solutions, and technology to businesses in the USA.

Sothis

Sothis

Sothis is an information technology services company offering a range of solutions including cybersecurity, managed security services, information governance and compliance.

JAS-ANZ

JAS-ANZ

JAS-ANZ is the joint national accreditation body for Australia and New Zealand. The directory of members provides details of organisations offering certification services for ISO 27001.

CYRail

CYRail

CYRail project will analyse threats targeting Railway infrastructures and develop innovative attack detection and alerting techniques.

Intellias

Intellias

Intellias provide services and solutions in software engineering, advanced technology, digital consulting and cybersecurity.

BITSCore

BITSCore

BITSCore stands as a leading service in cyber-security, provenance and supply-chain tracking. We provide unique and powerful solutions utilising our patented private blockchain platform.

Auvik Networks

Auvik Networks

Auvik is easy-to-use cloud-based networking management and monitoring software - true network visibility and control without the hassle.