No matter where you look in the security world today, you’ll see the terms machine learning and artificial intelligence (AI).
There’s been a great deal of interest in machine learning and AI as security vendors and their customers look for better ways to improve their security posture and fight against advancing cyberattacks.
Machine learning and AI offer breakthroughs in solving problems in many other areas of our lives, so it’s only natural to try to use them to make similar breakthroughs in the field of security.
Unfortunately, there’s a lot of hype and misinformation surrounding what machine learning and AI can do to improve security.
In a perfect world, machine learning would be the silver bullet for defeating your organisation’s security challenges.
It would enable full automation of security operations, eliminating the need for human involvement.
It would learn what every user, system, and application does in incredible detail, enabling immediate identification and handling of user impersonation, malicious intent, and other issues.
Applying AI to security via machine learning is frequently presented as an easy solution. It’s not. Contrary to many vendors’ claims, no product can do this effectively today.
It will likely take considerable time and advancement to achieve.
Despite this, machine learning still offers a great deal of promise in improving security by greatly reducing human effort and lowering the time to detect, respond to, and recover from incidents.
That is if it is implemented correctly.