One of the great things about writing on technology topics is that sometimes it feels like writing science fiction. Today is definitely one of those days.
Basically, a bunch of new research coming out of MIT, IBM, and other tech leaders is pointing towards a future only a few years away that would have seemed incredibly far-fetched not long ago: Network cyber-security run by Artificial Intelligence, with only minimal input from human operators.
That sounds like William Gibson stuff, right?
We've already seen the first steps towards AI security in products which are currently on the market. Most mid- and high-end firewalls already have "smart" detection systems for spotting Denial-of-Service attacks and spoofed\corrupted packets. Meraki has been leveraging their cloud architecture to build a huge database of known threats, which their Advanced Security systems can access at any time.
But the new wave of cyber-security, based in machine learning processes, is truly just around the corner. Products will probably be on the market by 2020 or so. And it's going to be a game-changer in a lot of ways.
New AI Cyber-Security Systems Just Around The Corner
The key to these new processes is assisted machine learning. Basically, top-line computers are being trained to spot malicious attacks by having human overseers checking their work. A super-computer analyzes a bunch of potential threats, then the humans running the project grade sort out the true positives from the false positives/negatives, and add that data back into the system so it can refine its processes.
Basically, with every iteration of the process, the machine becomes smarter about correctly identifying threats, while reducing false results.
Currently, both MIT and IBM's Watson project are running similar experiments along these same lines. And the best part is, thanks to cloud computing platforms, it won't require a supercomputer in your business to make use of them. Once on the market, these systems will be widely-available for users to connect to. And, of course, thousands or millions of users all plugged into these databases will only speed the learning process for the machine.
And that's a very good thing.
The Coming Cyber-Security Crisis
There's a serious problem facing computer security in coming years, one which hasn't been talked about much in public view. Simply put, the need for human security experts is growing far faster than universities and private schools can pump out actual experts capable of handling the job.
Current estimates are that there will be at least 1.5 million fewer security experts in 2020 than will be needed. While some organizations are trying to push students towards cyber-security there's very little reason to think the shortfall will be corrected any time soon.
This problem is compounded by the incredible speed with which hackers can adjust their methods. A single hacker is extremely agile; corporate security systems are not. Further, because most attacks are international in origin, terrestrial law enforcement is nearly helpless.
In other words, AI cyber-security cannot arrive fast enough, and it may be the proverbial "last best hope" for keeping valuable networks safe.
These AI systems would be able to:
- Identify attacks with at least 95% reliability
- Quickly ID new attack forms almost as quickly as they arrive
- Use mass sourcing to figure out defenses more quickly
- Keep admins in the loop without requiring significant expertise
- Utilize cloud-based structures to mitigate hard-to-block attack types like DDOS
- Provide protection for the Internet-of-Things, which is currently nightmarish from a security perspective
It's the wild west right now, but hopefully a new robotic sheriff soon will be coming to town. And we'll certainly keep reporting as innovation happens!