The Rise of Machine Learning in Cybersecurity

24 August 2018 | By Claire Auzanneau | Insights

Recently, Gartner identified the Top Six Security and Risk Management Trends, citing Machine Learning as one of them.

The report states, “the shift to the cloud creates opportunities to exploit Machine Learning to solve multiple security issues, such as adaptive authentication, insider threats, malware and advanced attackers. Gartner predicts that, by 2025, Machine Learning will be a normal part of security solutions and will offset ever-increasing skills and staffing shortages”.

This trend appears to be winning over the big players: 81% of Fortune 500 CEOs believe artificial intelligence and Machine Learning will be important to the future of their company.

Over 30 years ago, scientists began to create programs for computers that analysed large amounts of data and recognised patterns forming in the results. This was the birth of Machine Learning as we know it today. When leveraged to enhance security, it helps to identify malicious behaviour and entities, which means that it creates opportunities to solve multiple security issues.

At present, 78% of UK decision-makers say their endpoint protection product uses Machine Learning to protect their organisation from malicious attacks. Machine Learning as part of such a product is extremely accurate in its ability to identify malicious files and behaviour; it can track literally tens of thousands of relevant data points to spot alignment between files and activity, with far fewer false positives.

The Rise of Machine Learning

In short, Machine Learning works with an algorithm conceived to detect the unknown, and its most notable aspect is that it automatically improves over time. This means that, by feeding the machine with data, we can teach it what’s normal and what’s not, so it can later flag any suspicious activity.

A good example of Machine Learning in action is demonstrated by Egress Software: by leveraging this technology to analyse core user behaviour, the company has developed a threat protection product that helps users avoid mistakes when sharing confidential information via email. Common mistakes we all make include adding the wrong recipient in the “To” field – perhaps someone else with the same first name as the intended recipient – and sending an email by mistake to an unauthorised recipient. Based on historic data relating to the users’ previous actions, Machine Learning warns the user before they hit send that something doesn’t seem right. This encourages double-checking and means users engage more actively with ensuring they send information to the right recipient. The warning also pops up when first sending an email to an unknown recipient or when a user is about to inadvertently reply to a potential phishing email. The neat part is that it’s the combination of Machine Learning working with the user that creates a more secure organisation, as users become more alert to scams and take more responsibility for their actions.

Machine Learning is increasingly being adopted across multiple industries such as healthcare, financial services, transportation, education and business. This is encouraging cybersecurity players to develop more sophisticated solutions and products to help organisations defend against threats, and to provide users with the support they need to make educated choices over who to include in their communications.