Why Cybersecurity Needs Machine Learning

By on

Manufactured securityby Angela Guess

Mike Stute recently wrote in Datanami, “Fraud detection. Customer recommendations. Search engine results.  These use cases–and so many more–all owe a debt to machine learning. By automatically discovering patterns that lead to insights and creating predictive models that drive actions, the technology has proven its value many times, and to many industries. More recently, machine learning has begun to make a name for itself in the field of cybersecurity. As part of a larger cybersecurity solution, machine learning can help human security analysts when it comes to detecting real threats more quickly, so that an enterprise can act on them more swiftly. The technology can plumb the depths of historical security data to learn what attacks look like based on hidden variables and their relationships to each other, all in preparation for ‘seeing’ the next attack when it hits.”

Stute goes on, “It’s important, however, to understand that not all cyber security solutions leverage the same level of machine learning capabilities. Many take a one-size-fits-all approach: Their systems detect anomalies that could indicate a threat at hand based on the training data they have received using a single learning and prediction model. That’s helpful, but not quite helpful enough: All of the networks that rely on it will be alerted only to those threats the system has determined exist based on using collective sample data – and similarly they will miss all the threats that the single approach has missed… There is more value in using multistage machine-learning analysis and actual data in an effort to determine which machine learning model will work best for detecting real security events on any one particular network.”

Read more here.

Photo credit: Flickr

Leave a Reply