- 82% of those surveyed reported a skills shortage at their company;
- 71% of the respondents said the shortage caused direct and measurable damages through cyber attacks, and
- 22% of companies suffered reputational damages because of the skills shortage.
1. Our digital economy requires massive datasets. As a result, different, faster, and more robust cybersecurity solutions are requiredThe first reason why AI and machine/deep learning needs to become the new “normal” for cybersecurity is simple: our country desperately needs them. As we digitize every part of our economy, and move customer solutions from the desktop to the laptop to the iPad and the iPhone, we are creating an enormous highly interconnected economy. When I was a kid, our economy was based on going to the mall or the supermarket for what my family needed. My parents paid in cash or check. Things were rudimentary but, in some ways, very easy and the amount of unprotected personally identifiable information was minimal, at best. Today, our economy is smartphone-based and highly personalized to each buyer based upon his or her own buying habits, which the company selling the goods (e.g. Amazon) analyzes keeps in massive data sets stored in the cloud along with their credit card information and other personal data. Our shopping experience today starts with our smartphone or tablet. Our medical information, medical history, patient billing, health data and reimbursement (as well as our medical records) are all stored either on-premises or in a cloud environment. We do nearly all our banking by smartphone, very rarely needing ever to enter a physical banking institution. Convenience is what matters. In sum, nearly everything we do is online. And it is stored in big data sets that are crunched daily by machine learning computers in an effort to further personalize our shopping and banking experiences and create broad, hyper-efficient efficiencies for suppliers and retailers (and even our electric and gas companies). This leads us to believe that traditional cybersecurity appliances relied upon in years past will no longer be adequate to respond to the new threats to come (which we saw, in particular, this week). If allegedly our National Security Agency (or a surrogate thereof) isn’t safe or secure (and we, of course, don’t know either way what happened), then what is safe? Our mindset needs to shift to machine learning and deep learning to protect our companies, healthcare providers, and healthcare institutions, as well as the personal information they use, store, and create every day. Faster detection of malware will become even more important and more difficult as our digital economy takes off like a rocket ship, creating more and more network traffic to be dissected and analyzed. With one-off personalized malware, unknown zero-days and APT exploits, unpatched systems, ransomware, and today’s other threats, we cannot afford to chase hundreds of thousands of alerts a day, and we cannot afford to tolerate, at all, the average of 146 days it takes many companies to detect malware on their networks. This is called “dwell time.” The higher the dwell time, the more damage a hacker can do. Says one security expert about machine learning and deep learning cybersecurity products:
"It is faster by far than most if not all big data tools, as it can work in real-time to near real-time—seconds to minutes—and it does not need to wait for batching data sets. Organizations need capabilities that allow them to get in front of the threat, finding and eradicating them before they can do harm….”We admit that machine learning and deep learning is a mindset shift. We are used to having our hands on the wheel, our foot on the throttle at all times. As a country, we must recognize that we are putting superhuman amounts of data in circulation every day. For some companies, the number of alerts they receive is akin to the “whack-a-mole” carnival game. Hit one over the head, and two more pop up. Machine learning and deep learning can help deal with these enormous data sets and the enormous amount of network endpoint traffic by more quickly and efficiently detecting network anomalies, trends, and patterns at network speed (in the cloud and on premises). Some systems today advertise a success rate of over 95% in finding malware. In minutes. And AI won’t force you to lose your job or retire early. Machines need humans, too.
2. Machine and deep learning won’t force you out of a job. Frankly, it might make your job more satisfying.Yep, I can hear it in your brain. Here comes the bologna about machine learning and deep learning not taking replacing us humans. One of the many respectable articles that I have read over the last six months makes the following three points:
- We have a severe of skill cybersecurity workers in the United States (more than 209,000 jobs are open in the US today);
- We can’t train workers or students fast enough to ever catch up, and
- The skilled cybersecurity workers we have today chase thousand of alerts a week, many of which are false positives and, therefore, take away valuable time from actual alerts.
3. As the IoT disrupts our economy, we must consider alternative methods to protect our data and economy by lessening “dwell time.”As the FireEye M-Trends report for 2016 notes, the critical problem for cyber defenders is dwell time, meaning the amount of time an attacker is on a particular network before he is found. The average dwell time today is 146 days. That is almost 5 months. What can an attacker do in 5 months on your network? The answer: unspeakable, horrific things that will cause you to have a couple of bad weeks before understanding the total amount of damage done to your network and the total amount of information exfiltrated by attackers. Though 146 days is a number way down from previous years, it is still a long time to cause havoc. Now think about the idea of the potential dwell time in 2020, when the number of endpoint devices and connected devices is expected to grow. Indeed, Cisco expects over 26 billion devices and connections by 2020, up from 16 billion in 2015. Which direction would you expect the dwell point days to go in 2020? Up or down? We are such a tremendous nation of scientists and professionals. We constantly demonstrate that our potential for innovation is seemingly infinite. But as we showed extensively above, our digital world has changed and likely will never reverse course. And that is okay. But it is also a fact that what the last eight months has taught us is that our world is a more dangerous place than ever with both nation-states and cyber criminals active beyond belief. For some attackers, the cyber warfare is asymmetrical. For others, it is much scarier. Machine learning, deep learning, and cognitive computing cybersecurity hardware may be our only way to attack the hackers back, to protect our data and our critical infrastructure, and to protect our nation. The time to give this technology a chance is now. In our mind, there is nothing to be afraid of except not adopting this technology soon enough.