Machine-on-machine cyber defence edges closer

Is the future of cyber security machines versus machines? As hackers increasingly use automation and machine learning to launch cyber attacks at scale, cyber security defenders, too, are turning to artificial intelligence to detect hacks -- and, in some cases, kill them dead automatically. But the use of AI for cyber defence is still nascent, according to many experts, and must be deployed with care. Some argue there is a tendency for the cyber security industry to exaggerate AI's potential and successes, and use it as a buzzword. "Having a fully automated system in the cyber security domain would mean essentially trusting the computer with decisions. "There are critical things that would be hugely costly if done incorrectly," he says. "It's a question of'how accurate is this thing relative to the human?' And, in the cyber security domain, it's just simply'not very'." So how far along are we? Already, cyber security companies are using AI to help detect potential attacks by flagging suspicious behaviour. Justin Fier, vice-president of tactical risk and response at Darktrace, says the UK-based company uses "various forms of machine learning to go into your digital estate and, quite simply, establish a sense of self, establish what is specific to an organisation". He adds: "The minute something deviates -- big or small -- we can actually alert you to that." Darktrace also has automated responses to known threats such as ransomware strains. "Now, the median time to detect and remediate ransomware is 45 minutes.