InfoWorld reported yesterday on how IBM's Watson is doing in his crash course on cybersecurity. Cognitive security technology such as Watson for Cybersecurity can change how information security professionals defend against attacks by helping them digest vast amounts of data. IBM Security is currently in the middle of a year-long research project working with eight universities to help train Watson to tackle cybercrime. Watson has to learn the "language of cybersecurity" to understand what a threat is, what it does, and what indicators are related.
The universities are feeding Watson up to 15,000 new documents every month, including threat intelligence reports, cybercrime strategies, and threat databases. The post includes a video explaining how machines learn and what the future of cognitive security technology looks like.
"Generally we learn by examples," says Nasir Memon, professor of computer science and engineering at NYU Tandon School of Engineering. We get an algorithm and examples, and we learn when we are able to look at a problem and recognize it as similar to other incidents.
Many next-generation security defenses already incorporate machine learning, big data, and natural language processing. What's different with cognitive computing is that it can blend human-generated security knowledge with more traditional security data. Think about how much security knowledge passes through the human brain and comes out in the form of research documents, industry publications, analyst reports, and blogs.
Cognitive systems can recognize the rich contextual significance of a blog post or research paper and apply traditional machine-generated data to help analysts get a better understanding of what they are seeing. Cognitive security has the potential to reduce incident response times, optimize the accuracy of alerts, and stay current with threat research.
According to recent statistics from the IBM Institute of Business Value, 40 percent of security professionals believe cognitive security will improve detection and incident response decision-making capabilities, and 37 percent believe cognitive security solutions will significantly improve incident response time. Another 36 percent of respondents think cognitive security will provide increased confidence to discriminate between innocuous events and true incidents. If security analysts were able to stay current on threats and increase accuracy of alerts, they could also reduce response time. More than half (57 percent) of security leaders believed that cognitive security solutions can significantly slow the efforts of cybercriminals.
Interest from other fields is growing: Cognitive computing is slated to become a $47 billion industry by 2020, according to recent figures from IDC. Now that's an impressive number.
E-mail: firstname.lastname@example.org Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology