Artificial Intelligence & the Security Market

An interesting take on the difference between Machine Learning (ML) and AI, at the foot of this article, caught my eye.

Having spent several years of university studying machine learning techniques, as well as the broader field of AI, I suppose I can offer some useful insights into both terms and their respective merits.

Expansive in nature, over the years AI has grown into an enormous field, spanning a wide variety of areas, from robotics through to symbolic reasoning and connectionism. ML is recognised as part of the broader field of AI, but in contrast has a clearly defined scope.

ML is a much more mathematically-oriented field, comprising algorithms and techniques focused on learning from experience in order to optimise performance in a particular problem domain. Techniques are generic, and can be applied to learning problems that fit their intended usage pattern.

Examples where ML is used every day include:

  • Credit scoring. Can a credit card company, using all the data it has access to regarding an applicant, produce an accurate decision to lend and if so on what terms? This is a clearly defined optimisation problem that produces tangible results (reduction in risk, improvement in profitability).
  • Manufacturing. Can a production line recognise what sequence of manufacturing actions are needed in a particular context to achieve the intended quality target?
  • Game playing. Can a computer learn to beat a human, or indeed another computer, in a game such as Chess or Go?

The information security industry has some well known problems at present. The first of these is a shortage of suitably qualified people such as computer science graduates. Even were that to be solved now, there are systemic gaps in talent through the career experience levels, that will take the best of a decade or more to even start to correct. Finally, the underlying problem space is evolving rapidly – the scope of the task is changing week to week, data volumes are expanding, employee expectations growing, even employers are increasing their expectations and wanting to attract star candidates to modern and flexible working environments (with all of the inherent security challenges that entails). These and more are focusing responsibility on the shoulders of those in the field.

It is only natural, then, that the application of ML to cyber security should start to be considered. If we read across from the traditional benefits of ML as a field to cyber security, the potential gains are clear:

  • Continuous analysis, 24×7, will greatly expand the ability of organisations to implement effective cyber security
  • Transfer OPEX into CAPEX, diverting unused hiring funds into ICT capability, with a corresponding increase in ML performance
  • Greater depth and an ability to connect the dots between different data sources and events
  • Predictive capabilities to classify patterns of events to assist analysts

The last point is where ML has made much of its money for companies since it’s inception in 1959. If systems were built that could not only react to historical events, but identify future potential risks, the cyber security landscape will change dramatically.

Granted, some approaches to ML can suffer from serious shortcomings – mostly all involving intractability at scale, the demand placed on the bread and butter resources of memory, and CPU, not to mention the drawbacks of von Neumann computer architecture that persists today.

But there are some things today we have that were not around in the 1990s. First off, computational resources are far greater. We have better connectivity for streaming large quantities of information. Finally we have much more data to work with (both a benefit and a curse).

Personally I think there are some great opportunities and the next decade will see some incredible developments in the application of ML to cyber security, making our future cyberspace not one mediated by people, but by machine learning.