In the ongoing war between hackers and those charged with defending our ever-more connected devices and systems, artificial intelligence is fast becoming the new battleground.
Cybercrime in Canada is costing businesses a reported three to five billion dollars a year, including infrastructure damage and ransom paid to cybercriminals. And while security experts say that more resources are needed to shore up the defences behind our major institutions such as the banks, government and intelligence services, advances in artificial intelligence are proving useful in helping to detect security breaches.
“AI and machine learning are definitely game-changing in the cybersecurity field,” says Dmitry Raidman, CEO of Cybeats, a Toronto-based startup specializing in cyber defence for enterprise Internet of Things infrastructure.
“There’s a lot of concern around IoT devices and how they’re to be protected,” says Raidman, who spoke to Cantech Letter on his company’s announcement of a pre-seed round of investment, led by iNovia Capital. “In cybersecurity, in detecting viruses, it’s all about automation, how you are automating your defence. And that’s where the AI comes in because it actually helps you in reducing the turnaround from detection of the threat and creating the conditions to respond to that threat,” says Raidman.
The big data processing power of AI is key. Up until now, security experts have had to effectively rely on manpower to analyze security issues, trying to sort out where the breaches are and what form they’re taking. Costly and time consuming, the approach often means that newly-created viruses and hacks go undetected for long stretches of time, simply because security teams haven’t been able to recognize a problem.
The Equifax cyber attack this past year was a prime example. The credit ratings agency reported in September about a security breach where criminals gained access to an estimated 145.5 million US Equifax customers’ personal data, including Social Security numbers, birth dates and in some cases, credit card credentials (data on about 19,000 Canadians was also stolen). And while the company says that it learned about the attack in July, that was literally months after the infiltration began.
A good chunk of that lag-time can be erased through the use of AI, say experts, where computers can learn on their own to pick up cues that signal abnormalities within the system. “It’s much better if the device can self-diagnose and figure out if something is wrong,” says Raidman, “and once we apply AI to that, it makes the process that much quicker.”
As with any new technology, however, AI and machine learning will ultimately find their uses for both good and evil, meaning that any current advantage for security defenders is likely to be erased at some point — possibly quite soon.
“We have AI, but so do the bad guys,” says Ann Johnson, Vice President, Enterprise and Cybersecurity for Microsoft, who spoke last summer on Microsoft’s Intelligent Security Graph, the company’s AI-informed cloud security system. Johnson said that while AI is the “step change that we have all been waiting for,” it will also usher in a new wave of cyberthreats, such as malware that becomes more adaptive once it’s released, something she says is “not that far off.”
Below: Techopia LIVE at SaaS North with Dmitry Raidman of Cybeats