Artificial Intelligence is surely one of the hottest topics in nearly every industry nowadays, and not without reason. Some of its practical applications have already become an integral part of our daily lives – both at home and in offices; others, like driverless cars, are expected to arrive within a few years. With AIs beating humans not just in chess, but even in public debating, surely, they’ve already matured enough to replace security analysts as well?
In this session, we are going to look at the current state of AI in cybersecurity and try to see behind the buzzwords on product labels. What are the benefits and inherent limitations of current machine learning technologies? Should we expect any major breakthroughs in the upcoming years? And, last but not least, should we human security experts start worrying about our jobs already?
Security Operation Centers (SOC) s are continuously monitoring an ever-increasing scope of assets, both those incorporated by a company and independent devices, stemming from the ever-amorphous “Internet of Things” that are brought into a workplace environment. This creates a massive amount of alerts or “noise”, most of which are benign, but still requires a security analyst to review and confirm its banality, drawing a security analyst’s time, and attention away from potentially real threats or attacks. Cutting down the “noise” amount of false positives, or nonthreatening alerts is a primary concern for security analysts, chief information security officers, and chief executive officers alike. Machine learning, while not a silver bullet, can become a powerful tool if utilized appropriately to reduce the noise.