Discovery and Exploration

How Watson AI is helping companies stay ahead of hackers and cybersecurity attacks

Share this post:

Key Points
– In today’s increasingly interconnected world, hacks, breaches and malware attacks have become a way of life. Cybercrime is projected to cause $6 trillion in damages by 2021.
– Even one breach can cost an enterprise hundreds of millions of dollars and destroy customer trust.
– Most breaches today are caused by “cyber blindness,” as there is no way to manually read and analyze the huge volumes of structured and unstructured data that security analysts need to process every day.
– AI and machine learning allow systems to continuously learn by constantly analyzing billions of data points to detect patterns and even predict attacks before they occur
– IBM uses Watson’s AI to add a cyber threat insight engine to its leading cybersecurity platform, QRadar Security Analytics Platform, helping clients analyze threats up to 50% faster.

Watch a video to learn more

 

Cybersecurity threats are growing at a record pace. Cybercrime is projected to cause more than $6 trillion in damages by 2021, and businesses are estimated to invest $1 trillion over the next five years to try to mitigate these threats.

According to Bloomberg, security incidents increased by 40% in 2016 from the previous year, setting a new record. While the verdict is still out for this year, the Identity Theft Resource Center’s (ITRC) mid-year report says that U.S. data breaches are up 29% from the same time last year, and may reach a 37% increase overall by the end of 2017.

Experts at the breachlevelindex.com are even recommending businesses adopt a “Breach Acceptance” mindset, changing how they view threats and act to protect their data.

The fact is, cyberwarfare is maturing and becoming increasingly sophisticated, with hackers adding artificial intelligence (AI) to their toolbox enabling them to automate attacks, cause more damage and steal more data faster than ever before.

For cybersecurity analysts, every moment counts. The longer it takes to identify a severe risk out of the tens of thousands of possible incidents, the longer it will take to begin resolution actions and the more damage your company and customers may experience. But most of analysts’ time is spent searching through thousands of blogs, articles, reports, websites and databases to diagnose new threats, leaving less time for actually taking action.

AI and machine learning are helping fight “cyber blindness”

Many of the cyberattacks that go undetected before it’s too late are caused by “cyber blindness,” as it’s nearly impossible for security analysts to manually sift through the volumes of relevant structured and unstructured data that’s created every second of every day. Machine learning allows a computer to learn for itself. Imagine an environment where a machine learning system is constantly analyzing data across billions or trillions of logs per second (such as in a neural network) and is able to classify, detect patterns and behaviors, and eventually even predict attacks before they occur.

Previously, there weren’t any easy solutions to speedily connect all the dots and validate a high-priority attack or breach. Most present-day security systems can evaluate potential threats using complex visualizations of structured and curated data, but that’s clearly not enough. The advent of AI into cybersecurity is changing that.

AI can make a huge difference in threat detection, which is why the IBM Security team introduced IBM QRadar Advisor with Watson, combining the cognitive capabilities of Watson Discovery Service and Watson Knowledge Studio with the industry-leading security offerings of IBM.

Thanks to AI, the response time to cyberattacks is rapidly shrinking. Companies can no longer afford to take days or even hours to respond to cyberattacks. Today’s businesses have to be able to respond in minutes — and pretty soon, in just seconds —to be able to stay ahead of both threats and their competitors. But responding at this speed isn’t something humans alone can do. Integrating AI into security systems will be critical so companies can analyze large volumes of data, in real time.

In this video, IBM Security Analytics Architect Suzy Deffeyes provides a first-hand look at a Security Operations Center (SOC) and discusses the impact of cognitive security in helping analysts investigate and resolve threats faster.

Augmented intelligence: Empowering analysts to be more effective

At Watson, we believe that AI should help augment humans’ ability to work better and faster than ever before. Even with these cutting-edge technologies integrated into security systems, human analysts will need to train, oversee, make decisions, escalate issues and choose resolution options.

The benefit of AI for cybersecurity is to reduce the time and manual effort required by humans to process large volumes of data, so their time and expertise can be focused on more complex, sophisticated tasks and decision-making.

If the AI recommends that a potential attack requires a specific fix, human experts should be the ones to ultimately approve the course of action taken to remedy the risk. But systems cannot identify abnormal behaviors or malicious activity without first being being taught the language of cybersecurity so they know what indicators, anomalies or pattern etc. to look for.

For example, the word “virus” means something different in the security industry versus the healthcare industry. As companies grapple with a severe lack of skilled cybersecurity professionals, our goal is to help existing experts capture their knowledge and scale their expertise so businesses can do more with less.

Clients using QRadar Advisor with Watson report that it reduces the time their analysts spend analyzing Tier 1 threats by as much as 50%, allowing workers to prioritize fixes more quickly and take critical actions sooner.

With cognitive reasoning applied to huge volumes of constantly changing data, QRadar Advisor with Watson can rapidly gather evidence of compromise and even discover other threat entities related to the original offense. This includes malicious files, suspicious IP addresses, rogue entities and the relationships among these entities, and most importantly it derives and delivers relevant insights to analysts for confident, effective decision-making.

Cybersecurity as an industry isn’t new. But as technology has evolved to help analysts better fight cyberattacks, the same technology is also helping hackers unleash more sophisticated, damaging threats, some of which change profiles even as the attack is ongoing. Combine that with the fact that most businesses are moving their data and systems into the cloud, making old legacy security tools redundant.

Our cyber environment is changing every second of every day and hackers are constantly looking for new vulnerabilities. With Watson Discovery Service integrated into your systems, you can continuously explore, discover and learn from real-time data, and use powerful cognitive search, natural language processing, domain adaptation and machine learning to empower your analysts not only to keep up, but get ahead of hackers and cybercrime.

 

Explore how Watson Discovery Service can help supercharge your business.

 

Add Comment
No Comments

Leave a Reply

Your email address will not be published.Required fields are marked *

More Discovery and Exploration Stories
November 20, 2017

How fund managers can apply AI to turn data into insights, reduce bias in decisions and generate alpha

In this age of rampant data growth, the only way to reliably beat the market on a risk-adjusted basis is to mine unstructured data faster and more accurately than competitors. Companies that combine AI, and machine learning with speed, accuracy, nuance and contextual awareness will change the game of managing and growing investments.

Continue reading

November 7, 2017

Empower every employee to be your best employee

The average knowledge worker spends between 20 - 30% of their day looking for information. Issues with accessing your business-critical data might be the result of information silos, disconnected apps and cloud storage that keep the data out of reach for employees who need it. The solution is an insight engine that can understand, reason, learn and interact, like humans.

Continue reading

September 21, 2017

Why Watson? More accuracy. Less training time. Insanely better CX results

Nearly 80% of contact centers say their current customer service systems won’t meet their future needs. Learn how Max Kelsen is using AI to shine a light on customers’ dark data to help them realize greater value from their entire data berg, not just the tip, creating custom knowledge domains 66% faster and with 97% accuracy.

Continue reading