Are Artificial Intelligence, Machine Learning the Answer to Defending Against Cybersecurity Attacks?

U.S. Federal Government officials have warned the country’s financial institutions to prepare for the possibility of Russia-linked cyberattacks in the wake of the ongoing war in Ukraine.

Fortunately, two technological capabilities, centered on artificial intelligence (AI) and machine learning, are helping cybersecurity professionals fight the vast volume of threats and attacks.

While AI and machine learning security techniques are still in their infancy, they are proving to be valuable assets in assisting analysts in finding vulnerabilities in data sets too large to cover effectively manually. AI and machine learning can detect novel malicious code, catch fraudulent charges on a credit card or fraudulent network login attempts, block phishing messages on an email service and assist companies with cloud management in spotting anomalies that traditional cyber defense technologies may not pick up.

“AI shows tremendous promise for security, particularly around anomaly detection,” said Amanda Fennell, information technology and cybersecurity expert in Tulane University’s School of Professional Advancement. “Like any application of machine learning, it takes a very detailed understanding of the data you have, getting that data to a normalized, clean state and finding the right algorithms to apply.”

“Removing the ‘low hanging fruit’ like phishing detection, strange user login behavior, etc., are easier and quicker wins.  It isn’t until we, as an industry, start using the technology to find when people are using our products in strange workflows or noticing unusual data movements – either by location or slow transfers over long periods- that we’ll be maximizing the possible benefits of machine learning techniques in our industry,” Fennell said.

At the same time, however, hacking is becoming a multibillion-dollar enterprise, complete with institutional hierarchies and R&D budgets, according to consulting firm McKinsey & Company. Criminals are using some of the same advanced tools, such as AI and machine learning, to launch cyber-attacks.

The race, in terms of who can apply AI and machine learning first, is on.