Machine learning (ML) and artificial intelligence (AI) could be crucial technologies in the future prevention of cyberattacks. However, many professionals have differing perceptions of ML and AI when it comes to their use in cybersecurity.
Non-malware attacks are on the rise
In order to gauge an insight into the 2017 perceptions of the cybersecurity landscape, Carbon Black interviewed 410 security researchers in a report. Overall, 64% of respondents said that they had seen an increase in non-malware attacks since the beginning of 2016.
According to the report, respondents cited non-malware attacks as more threatening than malware-based attacks. Moreover, non-malware attacks are reportedly increasingly leveraging native system tools such as WMI and PowerShell.
Despite an increase in attacks, respondents had low confidence levels in legacy AV's ability to prevent non-malware attacks. In addition to this, interviewees considered AI to exist within its nascent stages and therefore "not yet able to replace human decision making in cybersecurity."
AI and ML in cybersecurity
AI-driven cybersecurity solutions remain flawed, according to three quarters (74%) of security researchers. In fact, 87% of these researchers indicated that it would take longer than three years before they can trust AI to lead cybersecurity decisions.
As a result, only 13% of these researchers said they will actively look to implement AI-driven cybersecurity solutions at their organisations over that time period. The immaturity of AI-based solutions was therefore a big concern for respondents.
70% of security researchers also said that attackers can bypass ML-driven security solutions. Moreover, nearly on-third (30%) of respondents stated that ML-driven security solutions are "easy" to bypass.
Recommendations for incorporating ML
Overall, cybersecurity talent, resourcing and trust in executives continued to be top challenges plaguing many businesses. However, the report stated that "ML is a critical component to next-generation endpoint security technologies."
As the report states, big data collection should form a foundation for security technologies. Companies must also make use of automation wherever it is effective in order to empower humans to make better decisions.
As a result, employees can better train ML-driven solutions to be more effective. Carbon Black recommends using a "massive body of baseline data, a torrent of detonation data, and statistics and comparisons among behaviours for validation."
What is the next big threat in cybersecurity? David Atkinson, CEO of Senseon, looked into the oncoming concerns enterprises should have over cybersecurity threats