Is AI Becoming the Firewall of 2003? Evolution of 'Just Right' Use Cases for AI & ML in InfoSec presented at 3rdCybersecurityInternationalSymposium 2019

by Eric Poynton,

Summary : As an industry, sometimes cybersecurity becomes preoccupied with chasing a methodology as a panacea to our problems, rather than thinking specifically about what the methodology will and will not be useful for. This chase creates market bubbles, which will eventually burst and leave us no closer to our goal of improving threat defenses. This scenario is happening right now with artificial intelligence (AI) and machine learning. Current conversations around AI are eerily reminiscent of the discussions on firewalls back in 2003, when the industry was forced to understand new methodologies for performing degrees of pattern matching in hardware.AI/ML is simply another methodology in the broad evolution of tools that address specific aspects of the kill chain or InfoSec workflow. And popular methodologies of the past, over stating the value or impact of AI, create unnecessary risk and inflated market bubbles that will eventually burst.This presentation will address how an over-reliance on AI and machine learning for poorly matched InfoSec use cases will create unnecessary risk and could lead to an atrophy of the methodologies that compensate for machine learning's weaknesses. Well-matched use cases of AI/ML that are advancing the state of the art in enterprise protection will also be discussed, empowering advanced technical attendees to better inform their security strategies.