Growing Challenges in Cyber Security
One of the complications, and opportunities, confronting the cyber security industry is that the cyber threat may be escalating beyond the capacity of a human-centric response. Consider for instance the remarks of the outgoing chief of the Department of Defense, that “given the volume [of attacks] and where I see the threat moving it will be impossible for humans by themselves to keep pace.” The DoD currently finds itself amidst a $1.6 billion project of centralizing its hundreds of separate firewalls into a unified system, the end purpose being to enable effective integration of artificial intelligence capabilities.
While this DoD example is an isolated one, it nonetheless epitomizes the human limitation in countering the cyber threat, which is primarily a digitalized, computer-driven hazard. As Benedict Cumberbatch playing Alan Turing in The Imitation Game quipped, “our problem is that we’re trying to beat [enigma] with men. What if only a machine can defeat another machine?”
Since its origins, computing technology has been deployed against the most unfathomable of challenges. The critical question is this: has the problem of cyber security eclipsed human capability? Has defending against cyber threats become a challenge so vast as to only be unraveled by another machine? It is in this context that Artificial Intelligence emerges as a solution to the cybersecurity problem.
IBM Watson: A Metric for the Upstart AI Industry
Before assessing the potential for Artificial Intelligence in cyber security, a broader analysis as to the current state of the AI industry must be conducted. Complicating this task, however, is that the artificial intelligence is highly developmental rapidly fluctuating; even definitions as to what constitutes AI are in flux and indeed fungible. One certainty however emerges, that over the past century machines have increased calculation speeds by a factor of 1012 (1 quadrillion) while reducing calculation costs to 10-13 (1 ten quadrillionth) of what humans can preform unassisted.
One of the better metrics for assessing the health and direction of the AI and machine learning industry is to simply follow where IBM is deploying Watson. To this end, IBM knows it has an outstanding product with widespread public recognition; it will utilize its Big Data capabilities as strategically as possible in markets ripe for AI integration.
Aside from partnering Watson with H&R Block to process and analyze 11 million tax returns, the other major development has been the recent commercial release of cyber security by Watson to over 8,000 customers. With growing data sharing arrangements among members of the cyber security intelligence community, Watson was able to digest over 700 terabytes of data from just one partner (that is about 150,000 DVDs worth of data, enough to power Netflix for over 34 years without interruption). More data inputs only further empower the potential for AI in cyber security, allowing machine learning software to automatically detect, diagnose and counter cyber breaches in a more informed manner.
Applications AI in Cyber Security
While Watson may serve as a bellwether for the Artificial Intelligence industry at large, it is only one of many AI platforms to enter the cyber security market. The amount of data generated from 200,000 daily cyberattacks results in humans wasting 20,000 hours annually chasing false positives. Not only is such a time allocation costly, but there simply is not enough human talent to execute a strictly “manned” cyber security response. The unemployment rate for cyber security analysts is 0.0% with 1 million positions remaining unfilled; artificial intelligence at first leverages, then supplements, and finally replaces human capital in various capacities. As previously alluded to, cyber security has literally exceeded the capabilities of humans.
One of the current applications for Artificial Intelligence in cybersecurity is monitoring, covering both passive and active scanning technologies. For instance, NATO records over 500 million suspicious cyber security events each day, and identified cyberattacks increased by 60% in 2016; this scale is so vast that detection and prevention may only be done through machine-learning and AI.
Another security tool developed by IBM, independent of Watson, is a machine learning tool to detect phishing attacks 250% faster than conventional tactics, and with false positive rates below 1%. Such anti-phishing advancements are noteworthy as humans are generally considered the weakest component of cyber defense plans. For instance, despite extensive training and awareness programs, both employees and management continue to open 30% of phishing emails, creating problems that machines in turn have to solve.
Other AI applications seek out a hybridized defense, effectively integrating human response and artificial intelligence into a singular unit, so as to play to the relative strengths of both man and machine. To this effect, researchers at the Massachusetts Institution of Technology have produced an AI algorithm called AI Squared that works in concert with humans, analyzing over 3.6 billion log files every day. This tandem system can detect 85% of attacks while reducing false positives 5-fold; technologies such as this potentially reflect the future direction of the cyber security industry, a stepping stone to yet further automation.
Identifying AI Cyber Security Market Players
These developments notwithstanding, it can be difficult to pinpoint which cyber security firms specifically are integrating AI technology, as well as the specific applications they are targeting with AI. This asymmetry of information stems from the need to protect their proprietary IP; IBM Watson is very much the exception because of the promotional value the program generates for IBM.
Nonetheless, any sort of “monitoring” or “threat-analysis,” particularly with firewalls and end-point protection, will involve automated detection algorithms. Some firms active in these areas of cyber security include Kaspersky Labs, Exabeam and Guidance Software.
Moreover, Artificial Intelligence has recently exhibited a strong presence in the cyber security at the startup level. In part due to the low cost of entry, the startup scene is currently serving as a laboratory for exploring more advanced applications of AI without having to be concerned with day-to-day operations. Some of the larger AI cybersecurity startup funding raises of 2016 include Tanium, Cylance, and LogRhythm, with total capital raises of $295 million, $177 million, $126 million, respectively.
The technology value of these firms renders them ripe for acquisition by more “balanced” cybersecurity firms looking to gain AI expertise. This acquisition-centric approach is a prevalent strategy for growth in the cyber security industry, and indeed is the modus operandi of diversified cyber defense firm Symantec, having completed 64 acquisitions throughout its corporate history.
Recent examples of acquisitions of AI cyber security startups include the targeting of Invincea for $100 million and Palo Alto Networks’ purchase of LightCyber for $105 million, both actions in February 2017. The latter acquisition is significant as even with Palo Alto’s reduced growth forecast, the onboarding of additional AI capabilities is still viewed as essential. These developments speak to the importance of mass-data technologies such as machine learning and AI to the future of the cyber security industry at large.
Self-Driving Vehicles: An AI Case Study
The development of Artificial Intelligence is remarkable not only for its potential in cyber security, but also for its dependence upon cyber security, the very technology it enables. This reliance on cyber security is driven by AI’s need for massive quantities of data, very much the gasoline for such digital engines. Importantly, not only the data, but also the connected devices which both generate and utilize the data, require comprehensive cyber protection.
As one of AI’s more ambitious applications, the emergence of self-driving vehicles may represent a substantial long-term catalyst for the cyber security industry. In brief, this development opens a massive new market of connected devices, all of which would need cyber security solutions, especially considering the unique human and economic risks involved.
As a demonstration of the necessity for new, sophisticated cyber defenses, consider that a criminal could, hundreds of miles away, remotely hack into your car, unlock it, and then have it auto-navigate to a dockyard for shipment to an overseas market. While arguably a hyperbolic example, the modern car is embedded with 100 million lines of code, and the CEO of GM has remarked that cyber security “is a problem for every automaker in the world,” and “a matter of public safety.” Quite simply, consumers would demand advanced, active cyber-defenses as a precondition to purchasing self-driving vehicles.
What is fascinating about self-driving technology is that it reflects the convergence of Artificial Intelligence and the Internet of Things (IoT) on the most massive of scales geographically. Ford in particular is investing heavily in this endeavor, this February making the industry’s largest yet investment in Artificial Intelligence by acquiring a majority stake in Argo AI for $1 billion.
Critically, even firms outside of the automotive industry are targeting the autonomous trend, with the $15.3 billion acquisition of Mobileye underscoring this dynamic. Also significant is that the cyber security industry will likely still benefit even if fully autonomous vehicles do not materialize as quickly as anticipated, as connectivity to the internet is the key determinant of the cyber threat.
To this end, Bloomberg Intelligence estimates 75% of new production vehicles will feature internet connectivity by 2020, up from 13% in 2015. Accentuating this risk is that the world’s second largest reinsurer, Munich Re, concludes that 55% of corporate risk managers identify cyber security as their foremost concern about self-driving cars.
Considering all the different market actors that would demand cyber security to be a key requirement for autonomous vehicles, including insurers, manufacturers, government regulators, and consumers themselves, the AI trend conservatively represents a striking catalyst for the cyber security industry. Perhaps Turing’s “machines” have created a problem only they can solve: cyber security.