Is Machine Learning the Future of Cybersecurity?

Above: Andrew Blumenfeld, co-founder of Telepath, and Lily Adelstein, creative project manager, discuss the topic of ML and cybersecurity.

Some of our most valuable assets live online. From bank information to the entire infrastructure of online businesses. This makes data breaches an incredibly serious violation. As high profile data breaches make headlines, including Twitch most recently and even the U.S. government back in December, more companies are using artificial intelligence (AI) and machine learning (ML) to address cybersecurity concerns. One example is Darktrace, a company that uses AI to identify cyber threats as early as possible. 

Darktrace is a UK based cybersecurity company that uses AI and ML to detect abnormal activity at its earliest stages so that companies can act quickly to mitigate damage. The company was founded by mathematicians and cyber defense experts in 2013 and describes itself as “World leaders in Self-Learning AI”. ML algorithms are often used for anomaly detection. In order to identify cyber threats, models are trained on normal behavior data like login activity, geolocation and time. When a behavior occurs that falls outside of the normal behavior patterns, a model can identify it as potentially risky. The computer can then be programmed to act on the riskiness of the behavior with follow up actions like issuing a warning or blocking the user altogether. 

Darktrace is not the only company using AI and ML to help provide solutions to cybersecurity issues. Others in the field include SAP NS2, CrowdStrike, Vade Secure, and Zero Networks to name a few. The cybersecurity market is projected to grow to $345.4 billion by 2026 and unfortunately, it is not hard to believe based on the threats we are seeing.

This week, Twitch, a live streaming service, owned by Amazon and home to millions of users, announced that it had been breached. Reports state that the possible leaked materials include the companies entire source code, proprietary SDKs, information about an unreleased product, payout amounts of top content creators and more. This is only the latest mind-boggling act of cybercrime in the last year. In December 2020, the U.S. government fell victim to a crippling hack, which affected several government agencies and posed a threat to national security.

The importance of using AI and ML in cybersecurity is not a future conversation. It is one that companies and governments are having right now and yesterday. Artificial intelligence and machine learning are becoming the gold standard in this field. Former CIA executive Marcus Fowler, director of strategic threat at Darktrace is quoted in a 2020 article saying "AI is able to understand something is occurring and identify responses that could occur to disrupt it in seconds providing the security team more time to actually become better informed about what's happening," DataBricks Chief information security officer, David Cook is quoted in the same article as saying, "If you don't have AI or ML, you won't be a vendor anymore. This is the only way that any type of system can survive in this world. The traditional way of just knowing things is not going to work.” It is not surprising that ML and AI are the preferred solutions in cybersecurity; we are now dealing with more data than ever before along with a lot of different types of data. For example, it can be impossible for humans to recognize or program a rule based system that recognizes a series of small changes in a system as an anomaly, but these changes could be an early warning sign of a breach. 

Cybersecurity is a requirement for companies, governments and individuals that maintain sensitive information online and companies like Darktrace are using AI and ML to meet the demand. Making these technologies more accessible to the general public allows people to get back to their lives, jobs and businesses, without feeling like they need to become security experts to navigate the internet.