Taking the hype out of artificial intelligence

Artificial intelligence is all the rage in IT these days, with vendors rushing out new products and trying to assure CISOs that their products include some element of machine learning. But how much of this is hype?

Quite a bit, cautions Oliver Rochford, vice-president of security evangelism at DFLabs, in a column this week. ” Machine learning by itself solves nothing without being applied to distinct problems,” he writes.

So what’s a CISO to do? Ask a few intelligent questions, Rochford advises.

What does your machine learn? Does the software really learn or just do statistical analysis or correlation.

Where does it learn it? In a lab or in your environment? The former isn’t acceptable, Rochford says, but adds that a hybrid of both can be okay. There is, he adds, another consideration, though: Does it learn on premise or does data have to be sent into the cloud?

How does it learn? A vendor should be able to provide a high-level overview of which machine learning approaches its implementation uses: Supervised, Unsupervised and Reinforced are the keywords to look for , as well the high level algorithmic descriptions.  For the inexperienced Rochford suggests reading cheat sheets provided by Microsoft. This information can help an infosec pro understand if the vendor is using the right algorithm for the problems they are trying to solve.

Why does it learn it? In other words, why use that particular approach.

What does it solve? Does it solve a problem that would be impossible to solve with less sophisticated means, or that would be unfeasible or inefficient to solve any other way. Does it solve more than one problem.

It’s not that machine learning. In a recent interview Forrester Research analyst Joseph Blankenship told me that it has a lot of potential to help in threat detection by overcoming limitations of existing rule-based systems, as well as automating and orchestrating security operations to help analysts in their decision-making. “One of the areas that’s very promising is the notion that we can use the technologies to help make the job of security analyst a little easier,” he said.

“As we add automated components to security operations we’re able to accelerate from minutes to seconds in terms of being able to do more manual aspects of investigations,” he said, particularly to guide more junior analysts on appropriate next steps in incident response.

But, he added, “we’re years away from the Skynet for security operations,” with robots handling cyber security. (Of course, Terminator movie fanatics know that Skynet ended up taking over the world …)

So be careful, says Rochford. Machine learning’s value is in solving aspects of incident response, advanced threat detection, hunting and investigation, he argues — in other words, to specific problems.

Read Rochford’s full column here

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Empowering the hybrid workforce: how technology can build a better employee experience

Across the country, employees from organizations of all sizes expect flexibility...

What’s behind the best customer experience: How to make it real for your business

The best customer experience – the kind that builds businesses and...

Overcoming the obstacles to optimized operations

Network-driven optimization is a top priority for many Canadian business leaders...

Thriving amid Canada’s tech talent shortage

With today’s tight labour market, rising customer demands, fast-evolving cyber threats...

Staying protected and compliant in an evolving IT landscape

Canadian businesses have changed remarkably and quickly over the last few...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now