The era of Artificial Intelligence – technology that allows computers to “learn” and perform various tasks normally assigned to humans – has arrived, and is helping to improve information security. Here are several ways that it is doing so:
Improved Malware Detection
Classic anti-virus technology uses signatures to detect malware, which means that any particular malware can only be detected after researchers see it run, which is usually after it has infected various computers. AI can detect many forms of malware without the need for signatures, providing protection against zero-day threats before they inflict harm.
Detecting Insider Attacks
Artificial Intelligence can detect anomalous human behavior – which can help reduce the insider threat of both an “employee gone rogue” and an employee who has fallen for some sort of social engineering attack.
Detecting Malware Simulating Human Behavior
Furthermore, Artificial Intelligence’s ability to detect anomalous human behavior can also detect malware activity that simulates human behavior. If the CFO’s computer, for example, using the same mechanism that the CFO normally uses to submit payroll information to a payroll processor, attempts to transmit a firm’s salary information to some unknown computer halfway around the world, AI can block the transmission.
AI can help authenticate (and authorize) people by combining and analyzing multiple human biometrical properties to learn about people’s behaviors.
Security Alert Management
AI can analyze numerous security alerts to detect potential breaches and other problems – and can learn when to raise alarms and when to ignore non-threats – making information security management much more efficient for overtasked security teams that cannot possible act on every alert.
To learn more about the role of Artificial Intelligence in information security, please download the White Paper entitled AI for CyberSecurity: A Technology Breakthrough.