Alexey Kuzovkin - ex-chairman of the Board of Directors of the group of companies “Armada”, CEO of “Infosoft”, member of the working group on the development of security technologies of the Russian Association of Cryptoeconomics, artificial intelligence and blockchain, innovator, investor.
People think that using artificial intelligence in cybersecurity is a kind of revolution that is about to happen very soon. However, in fact, all the changes implemented will be gradual, but even they go beyond the imagination of ordinary people.
Choosing new methods of use in machine learning in cybersecurity field, we should denote its problems:
1. Configuration errors caused by human factor. Lots of cybersecurity’s weaknesses relate to this problem. A correct system configuration can be hard even for a large team of experts.
2. The effectiveness of manual labor in the process of performing repetitive actions. Practice shows that processes made in manual labor can’t be performed in the same way, especially in the cybersecurity field. It’s associated not only with the difficulty of individual multiple devices customizing, but also with the change of incoming threats’ nature. If work is done by people, the speed won’t be high enough. But speaking about the use of a system that is based on machine learning technology, the delays will be minimal.
3. Regular threat alerts, which is the problem for every organization. The attack surface directly depends on how complex the used security system is. To identify the problem and to find the solution, specialists need to run the analysis of each separately. With machine learning people can deal with many threats in no time.
4. Reaction time. It’s quite an important indicator that determines the effectiveness of the cybersecurity service. Technological innovations in the field of cyber-attacks significantly reduce the time of a harmful intrusion: half an hour is often enough. Machine learning can help to get the information about the attacks, group and analyze the data, generate reports, and create a plan of actions necessary to prevent attacks.
5. Staff capacity is a systematic problem that every cybersecurity department has. Usually, the problem is a lack of finances. The use of machine learning will reduce the number of staff and help to save time and money.
6. Adaptation. This aspect can negatively affect security service work: if an employee doesn’t know certain work methods, it will affect the efficiency of the whole group. Using the right data sets can solve this problem: well-educated algorithms can become solutions that will fully correspond with the established requirements.
The role of machine learning in cybersecurity.
The technology of machine learning will help to solve lots of problems of cybersecurity ensuring, which is caused by the use of data templates.
The main criterion of machine learning is accuracy: the chosen algorithm in the course of training in accordance with the data set is focused on a specific task. Its work is fully aimed at searching for the optimal solution to the set task: the only correct solution based on the information provided will be selected, even if it is not ideal.
The technology of machine learning successfully performs monotonous tasks, such as identifying data patterns and checking compliance with templates. Performing monotonous work, the productivity of company employees is reduced, which means that machine learning is a good opportunity to transfer data into a form that is easy to read and analyze.