If you have been in the cybersecurity market for more than five minutes, you will see that every product vendor is offering some variation of artificial intelligence, machine learning, or block chain in order to prevent the next zero-day attack. If you are in the market looking to buy cybersecurity security technology, the waters are muddy at best. Many security companies use the same language to describe their wares. Many claim to use Artificial Intelligence or some other shiny gizmo in their software and hardware. Others, use fancy marketing lingo like “zero trust” to draw you in for a further look. Under the best of circumstances it can be challenging to pick security software and with all of these new terms being tossed around, it can be impossible to understand what you’re even looking at and at the end of the day relying on the only objective measure—price—which leads to a proliferation of half-security solutions and consumers left picking the cheapest fly-by-night security vendor.
Do a quick Google of Cybersecurity and Artificial Intelligence with your favorite term: endpoint, firewall, or whatever. You will quickly be overloaded with marketing fluff and, in my case, the desire to reach for another beverage to ease the pain.
So, let’s start with the basics…
What is Artificial Intelligence?
Artificial intelligence (AI) refers to the simulation of human intelligence in machines that are programmed to think like humans and mimic human actions. The term artificial intelligence may also be applied to any machine that exhibits traits associated with a human mind, such as learning and problem-solving. As you dig further, you begin to enter the realm of artificial intelligence learning or “machine learning” and starting to wade into Neural Networks which is not covered here. At its core, artificial intelligence is programming with the ability to rationalize and take actions that have the best chance of achieving a specific goal.
When most people hear the term artificial intelligence, the first thing they usually think of is robots. That’s because Hollywood movies and sci-fi books weave stories about human-like machines that wreak havoc on Earth. But nothing could be further from the truth. Artificial intelligence is based on the principle that human intelligence can be defined in a way that a machine can easily mimic it and execute tasks, ranging from simple to highly complex. The goals of artificial intelligence include learning, reasoning, and perception.
A key point worth highlighting; Artificial Intelligence is not intended to replace human thinking, human emotion, or seemingly irrational behaviors that humans display. It is an accumulation of decisions with bounded data sets which an automated decision can be made and a subsequent task performed. That is a far more linear capability than you are likely getting sold.
The Dawn of Artificial Intelligence as a Marketing Tool
Artificial Intelligence has been part of our collective landscape for a long time. For many of us, our first introduction occurred in the early 1990s, when IBM came out with the Deep Blue computer. Deep Blue became famous when it defeated the great Chess champion Garry Kasparov. Quickly, IBM and Deep Blue appeared to be welcoming a new era of artificial intelligence and automation. To the average person, Deep Blue was magic because, let’s face it, most couldn’t begin to explain how Deep Blue worked. Well, the magic behind Deep Blue was a very brute force method of playing Chess. With each move Deep Blue took a look at all the possible legal moves that could be played and would map out possible results of various approaches to future moves. As the game went on, Deep Blue would keep exploring move after move forming a kind of HUGE decision tree of thousands of moves. Deep Blue would then make selections based on that tree to find a move that would provide a good result. What is a “good result”?
This is the point where we start to see AI autonomy fall apart. Deep Blue had many carefully designed chess strategies built into it by expert chess players to help it make better decisions — for example, how to decide whether to protect the king or get advantage somewhere else. Programmers made a specific “evaluation algorithm” for this purpose to compare how advantageous or disadvantageous different board positions are based on the IBM programmed expert chess strategies. Each move would call on this evaluation and based on the outcome, Deep Blue would select a move. For each turn, Deep Blue goes through the whole process again. So was Deep Blue an advancement in Artificial Intelligence or hardware. I would argue that the real achievement with Deep Blue was the hardware created by IBM that was way ahead of its time and advanced enough to quickly process all possible chess move combinations over and over and over again. Today, this technology exists in a simple handheld phone or computer.
So while Deep Blue was perceived to be the future of advanced artificial intelligence in the 90s, today that title has passed to IBM’s Watson. Deep Blue, as well as other forms of Artificial Intelligence fall victim to the AI Effect in time. In other words, as technology becomes more advance, forms of artificial intelligence begin to show their age and we no longer consider them intelligent. An example to help illustrate this would be early picture recognition compared to modern, dynamic, facial recognition software. We would no longer consider the early systems used to identify objects in photos as intelligent compared to contemporary software.
Artificial Intelligence Is Just Doing What We Tell It To Do
Author Pamela McCorduck writes: “It’s part of the history of the field of artificial intelligence that every time somebody figured out how to make a computer do something—play good checkers, solve simple but relatively informal problems—there was a chorus of critics to say, ‘that’s not thinking’.” AIS researcher Rodney Brooks complains: “Every time we figure out a piece of it, it stops being magical; we say, ‘Oh, that’s just a computation.” Does this degrade our understanding of artificial intelligence or is this the reality of its capabilities and does it really matter?
If we bring the conversation by to cybersecurity technology, the picture becomes even less clear. Most vendors mash the term artificial intelligence into marketing fluff next to blockchain, machine learning, and zero-trust. I’ve even seen vendors go so far as to claim that artificial intelligence stops zero day attacks, a very bold claim. Remember that whole thing about AI requiring inputs to make decisions? Zero day means that the inputs were unknown so unless AI can also predict the future, we can assume it is not going to stop an attack that is never presented itself before. More importantly, at the end of the day progressive attacks have a live attack operator on the other end of the network cable, an operator that is human, with human emotion and irrational and unpredictable behavior. Even the most advanced artificial intelligence barely scrapes human emotional actions and reactions and as we discussed earlier, this isn’t the intent of artificial intelligence.
In the End, What Should We Expect from Artificial Intelligence?
Artificial intelligence is finding its way into every aspect of our lives and cybersecurity is certainly not immune to this growth. In fact, there are many systems out there benefitting significantly from the strengths of artificial intelligence. Cybersecurity software can better identify and escalate attacks because of artificial intelligence and the result is less nuisance alerts and less complacency in organizations. So why are we taking issue with artificial intelligence in cybersecurity? It is when we see vendors selling capabilities that are unrealistic and potentially putting your organization at risk. The day will come, and maybe it already has, when a wide scale zero-day attack arrives that no one’s security technology can identify. Artificial intelligence has yet to replace a human cyber defender and it could be years before we can trust software to fully protect us. Yet, at the same time, many marketers in cyber security missed the real benefit. Artificial intelligence, combined with human intelligence, has changed the world and together can change cybersecurity for the better.
by: Justin Fimlaid
Follow us on Social Media for more information: