The future of AI
Besides being able to detect malware that is not registered with a signature, machine-learning systems will spare vendors and security administrators the task of constantly updating their threat detection systems. While signature-based systems must be updated daily, AI models have a longer shelf life—as much as six months before needing to be adjusted, said Homer Strong, Director of Data Science at Cylance.
He also said that the industry just getting started with using AI to augment security. “Cylance was ahead in applying well-known machine learning techniques without a lot of original research. But now in special domains like security, companies are starting to invest in original research,” he said, adding that AI algorithms will continue to evolve and improve as more AI experts enter security field.
Experts say that as good as AI is getting, it remains only one part of the best practice of “security in depth.” Endpoint and network security, both traditional antivirus and AI-based, must be coupled with other forms of protection, including intrusion detection, encryption, data loss prevention and many others, including the emerging role of “threat hunter.”
But before users begin to apply those strategies, they must still tackle the biggest problems out there, which include software patching and system updates, file backups, and user training. At Black Hat, the conference released its latest attendee survey that showed that the number one concern (38%) of security administrators is end users who violate security policy and are too easily fooled by social engineering attacks, up from 28 percent the year before.
Some things never change.
Scot Petersen is a technology analyst at Ziff Brothers Investments, a private investment firm. He has an extensive background in the technology field. Prior to joining Ziff Brothers, Scot was the editorial director, Business Applications & Architecture, at TechTarget. Before that, he was the director, Editorial Operations, at Ziff Davis Enterprise. While at Ziff Davis Media, he was a writer and editor at eWEEK. No investment advice is offered in his blog. All duties are disclaimed. Scot works for a private investment firm, which may at any time invest in companies whose products are discussed in this blog, and no disclosure of securities transactions will be made.