How to Know if ML, AI in Security is the Right Fit | eWeek


Apr 23, 2019

This eWEEK Data Points article looks under the hood at what security vendors are really offering in the way of machine learning and artificial intelligence in their products. Any review of information security products on the market is filled with buzzwords of the day, including ML and AI.

However, the main thing is this: What are the real capabilities of ML and AI in each product or service, and are they right for the use cases they will be impacting?

Even by themselves, ML/AI can be hard terms to define, so how does this play into security product marketing? Are the terms being oversold, or undersold, to potential buyers?

Our source for this story is John Omernik, distinguished technologist at MapR and an expert in detecting security threats and preventing fraud using data analytics. Prior to MapR, John was Senior Vice-President of Security Innovations at Bank of America, where his responsibilities included architecting a next-generation security data platform focused on speed of delivery and ease-of-use for security practitioners. His experience in the financial industry includes information security, threat intelligence and fraud analytics/prevention.

Omernik has several recommendations for security decision makers who want to dig deeper into marketing claims by vendors before they make the important decision about where to spend a security investment.


Data Point No. 1: Understand the technical components of ML/AI in the product.

Sometimes a product can use simple classification algorithms on a single type of data, and based on that, make huge claims about the inclusion of ML/AI. Getting the vendor talking about the implementation allows you to assess whether it’s a point ML/AI solution or a way to bring ML/AI to security data in a more comprehensive way.


Data Point No. 2: Ask about the flexibility of the AI/ML models.

Does the vendor claim to use a proprietary model that will solve “all the problems”? Can this model be altered by the customer? Can different models all work on the same data, or can your data only be worked on by the models bundled with the security product? Everyone’s enterprise is different, and that includes their security needs. There is no one-size-fits-all product or approach.


Data Point No. 3: Ask about the application of AI/ML models.

Can models be applied to different data sets? Can log data, audio data (e.g., phone recordings), video data (e.g., security cameras) and other sources of data (transactional data, for example) all be worked on? If so, can these data sets work together, or must they be independent? Applying AI/ML to data can be great, but an organization’s data stretches across data silos, and if AI/ML can only work on certain silos, something is likely missing.



Data Point No. 4: How will new AI/ML approaches be incorporated into the solution?

Can the vendor describe how this process works? Can the vendor provide examples of when past AI/ML was incorporated into the solution and how that development, testing, implementation and licensing played out? The last component, licensing, is critical: Was an organization’s data held hostage and kept away from new AI/ML until a fee was paid to apply the algorithm? This isn’t 100% bad. For instance, if a new AI/ML was developed by the vendor, it makes sense. But if they just implemented someone else’s algorithm on the data when the licensing fee was paid, then that’s something an infosec practitioner will want to know.


Data Point No. 5: Does the product advance the security team’s data knowledge and skills?

Does the platform allow security practitioners to apply the latest ML/AI toolkits? Does the tool help practitioners learn about how data works and help them grow their understanding of data engineering and data science as it pertains to the organization’s data? Or is the solution a black box in which their organization is forced to rely on the expertise of a vendor to solve security problems? A balance must be struck between working with vendors and growing an internal talent pool. A product that allows growth will serve the organization better.
