Attractive to both white-hats and cybercriminals, AI’s role in security has yet to find an equilibrium between the two sides.
Artificial intelligence is the new golden ring for cybersecurity developers, thanks to its potential to not just automate functions at scale but also to make contextual decisions based on what it learns over time. This can have big implications for security personnel—all too often, companies simply don’t have the resources to search through the haystack of anomalies for the proverbial malicious needle.
For instance, if a worker normally based in New York suddenly one morning logs in from Pittsburgh, that’s an anomaly — and the AI can tell that’s an anomaly because it has learned to expect that user to be logging in from New York. Similarly, if a log-in in Pittsburgh is followed within a few minutes of another log-in by the same user from, say, California, that’s likely a malicious red flag.