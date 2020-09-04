Written by Marcus Fowler

Director of strategic threat for Darktrace

In his own words, Elon Musk has “been banging [the] AI drum for a decade”, and his latest warning that we should be more concerned about AI’s future potential to outsmart us has garnered international attention not least for his assertion that AI poses a greater threat to humanity than nuclear weapons.

Musk is right in saying that AI is much more advanced than people think, yet ultimately his claims miss the mark for two reasons: AI’s ability to transcend the limitations of human perception is not something to be feared, and as for AI outsmarting and supplanting humans ‘in the future’ – this has already happened in the arena of cybersecurity.

Put simply, there are certain things that AI just can’t do: common sense, critical thinking, and emotional intelligence are just a few things that render certain tasks in need of human touch. Yet there are certain things that AI can and should do – and security is a prominent example of an industry in which we should welcome the machines taking over.

In 2019, we saw the launch of the first AI that is able to look through a computer network, investigate potential threats, and produce human-friendly written reports, ready for the boss to read. Like a human security analyst, the AI has been taught how to investigate the early warning signs of an attack, consulting third-party sources and using intuition to come to a conclusion about the severity and possible impact of the threat. AI is doing this 9 times faster than a human could.

In early March this technology detected and contained the spread of a sophisticated attack by the Chinese cyber espionage and cybercrime group APT41, generating detailed reports of the incidents in real-time – weeks before news of the state-sponsored campaign hit the headlines. Human analysts were able to act on the AI’s findings in under 5 minutes.

Most recently, the AI can conduct on-demand investigations on suspect events or business users, before a threat indicator has been formally flagged. This represents a major step forward in combatting insider threat, a pressing concern for businesses who might have accidentally or intentionally malicious employees working from the comfort of their homes during the ongoing period of remote work. The AI can anonymously follow up on potential leads, without compromising on privacy, and reports findings in seconds.

Compared to security just a few years ago, when analysts would spend hours trawling through logs and prioritizing threats, this is nothing short of extraordinary.

In 2020, the shift towards AI-powered investigation has soared, and thousands of organizations today entrust AI to perform internal security investigations and do the heavy lifting – rapidly churning through all the context around a threat and putting all the pieces of the puzzle together in a human-readable report. Now, the AI is performing over 1.4 million security investigations every week, freeing humans from analytical work and enabling them to focus on business communication and remediation plans to make the overall environment more resilient in the future.

As such, Elon’s claims do not ring familiar for security experts at the fore of innovation. Every day the security world moves closer towards having AI take on the higher-level human thought processes involved in fighting cyber threats, and rightly so. With human security analysts spending an average of 3 hours per security investigation, scalability remains a problem even at the most established organizations. In recent months the world has witnessed too many successful assaults on household names – EasyJet, Honda, and most recently even Twitter. Human security teams are simply overwhelmed by the challenges of what is now a vast and complex cyber-threat landscape – there is too much data to protect, and, crucially, too many incidents to triage.

Scaling human teams to meet the demand for fast and accurate threat remediation has simply become implausible. This is a problem for an AI brain to solve.