How Machine Learning Can Enhance Cybersecurity

Posted by Fuel HQ on Nov 9, 2017 2:13:28 PM

Thursday, November 9, 2017

The speed with which technology evolves requires cybersecurity to move in lock-step, constantly developing and deploying new methods of protection. Ensuring that security professionals are quick to understand and adopt these tools is crucial for success in mitigating and preventing attacks. One of the most valuable technologies emerging in cybersecurity is machine learning, which can save time for deploying changes, more effectively manage known threats, and help to find and stop new threats before they can do damage.

What Is Machine Learning?

Machine learning is a subfield of artificial intelligence, through which computers continuously use streams of data to refine algorithms and processes used to make recommendations and decisions. For example, machine learning is used to automatically identify certain email messages as spam, or to allow Netflix to recommend movies a user might enjoy. Although companies are excited about this technology, the gap between machine learning ambitions and execution is large, according to new data from MIT Sloan Management Review and The Boston Consulting Group. A survey of more than 3,000 executives, managers, and analysts worldwide found only about 20 percent of respondents’ companies have incorporated some form of artificial intelligence, like machine learning, yet 85 percent of those executives are convinced artificial intelligence will give their companies a competitive edge. So the question remains, what do companies need in order to start using this valuable tool?

 

How Does Machine Learning Make Your Team Smarter?

According to Fuel Board Member Gary Ramah, one of the most interesting applications of machine learning is in cybersecurity. While machine learning can reduce some of the manpower needed to monitor and prevent cybersecurity threats, companies still need to build teams that can manage these systems, and must have strong training practices that may take time to develop. According to the Bureau of Labor Statistics, the demand for new information security experts has been predicted to grow by 18 percent from 2014-2024.

One method of reducing the time needed to train new employees can actually be machine learning. For example, an artificial intelligence-powered game can replicate real-life threats without the risk, helping trainees think creatively and adapt when a new challenge emerges. These artificial intelligence programs also support senior analysts, who have limited time to train new hires. If the industry can adapt machine learning as a method to train new professionals about cybersecurity, the training gap could be closed.

 

How Does Machine Learning Help Cybersecurity Professionals?

During a recent Fuel webinar, Giora Engel, Vice President Product Management at Palo Alto Networks and Founder of LightCyber, discussed the topic of machine learning. He said behavior analytics is focused on addressing the problem of being able to see an active attacker in your network.  Even with complete visibility, it is still very hard to notice all activity. Engel said security teams are often overwhelmed by security alerts, but there are ways to detect suspicious behavior.

This is where machine learning comes in, with two methods: supervised and unsupervised. Supervised machine learning is typically used when a large dataset contains a well-balanced set of samples that you need to classify in different ways. A researcher labels specific samples good or bad, and then the machine-learning algorithm can learn from that specification and replicate the process automatically for millions of other records. Unsupervised learning is based on cases in which the dataset is not labeled or cannot be labeled. It is used for different kinds of analyses, such as clustering.

Engel noted that without machine learning, the only way to detect some network anomalies is to establish rules to look for any abnormal number of log-ins or connections. However, this creates too many false positives and alerts. Machine learning uses profiling to determine device ports, and detection to find devices that change their communication pattern.


Moving Forward

If security professionals are able to embrace machine learning and use it effectively, there could be a significant reduction in the time needed to combat threats within their organizations. Although machine learning takes time to implement, it can automate more basic processes, freeing up experts for other tasks. Most exciting is the predictive benefit of machine learning, which enables security specialists to prevent threats from happening in the first place.

To learn more about how your organization can benefit from machine learning, check out Fuel’s on-demand recording of “LightCyber and Machine Learning – What You Need to Know”, available exclusively to Fuel members.

 

Not a Fuel User Group member? Join for free today.  

 

 Stream Now:  "LightCyber and Machine Learning - What You Need to Know"

 

Topics: Cybersecurity, Fuel Education, Palo Alto Networks, machine learning, training, Webinar

Posts by Topic

see all

Subscribe to Blog Updates

Recent Posts

Posts by Topic

see all