AI faces hype, skepticism at RSA cybersecurity show – PCWorld

Vendors at this week's RSA cybersecurity show in San Francisco are pushing artificial intelligence and machine learningas the new wayto detect the latest threats, but RSA CTO Zulfikar Ramzan is giving visitors a reality check.

"I think it (the technology) moves the needle," he said on Wednesday. "The real open question to me is how much has that needle actually moved in practice?"

It's not as much as vendors claim, Ramzan warned, but for customers it won't be easy cutting through the hype and marketing. The reality is that a lot of the technology now being pushedisnt necessarily new.

In particular, he was talking about machine learning, a subfield in A.I. thats become a popular marketing term in cybersecurity. In practice, it essentially involves building algorithms to spot bad computer behavior from good.

RSA CTO Zulfikar Ramzan speaking at RSA 2017 in February.

However, Ramzan pointed out that machine learning in cybersecurity has been around for well over a decade. For instance, email spam filters, antivirus software and online fraud detection are all based on this technique of detecting the bad from good.

Certainly, machine learning has advanced over the years and it can be particularly useful at spotting certain attacks, like those that dont use malware, he said. But the spotlight on A.I. technologies also has to deal with marketing and building up hype.

Now all of a sudden, were seeing this resurgence of people using the how as a marketing push, he said, after his speech.

The result has created a lemons market, where clients might have trouble distinguishing between useful security products. Not all are equal in effectiveness, Ramzan claimed. For example, some products may generate too many false positives or fail to detect the newest attacks from hackers.

Theres no doubt you can catch some things that you couldnt catch with these techniques, he said. But theres a disparity between what a vendor will say and what it actually does.

Nevertheless, A.I. technologies will still benefit the cybersecurity industry, especially in the area of data analysis, other vendors say.

Right now, its an issue of volume. Theres just not enough people to do the work, said Mike Buratowski, a senior vice president at Fidelis Cybersecurity. Thats where an A.I. can come in. It can crunch so much data, and present it to somebody.

One example of that is IBM's latest offering. On Wednesday, the companyannouncedthat its Watson supercomputer can now help clients respond to security threats.

Within 15 minutes, Watson can come up with a security analysis to a reported cyber threat, when for a human it might have taken a week, IBM claimed.

Recorded Future is another security firm thats been using machine learning to offer intelligence to analysts and companies about the latest cybercriminal activities. The companys technology works by essentially scanning the internet, including black market forums, to pinpoint potential threats.

That might include a hacker trying to sell software exploits or stolen data, said AndreiBarysevich, director of advanced collection at the company.

When you cover almost a million sources and you only have 8 hours a day, to find that needle in the hay stack, you have to have some help from artificial intelligence, he said.

The RSA 2017 show floor.

Customers attending this weeks RSA show may be overwhelmed with the marketing around machine-learning, but itll only be a matter time, before the shoddier products are weeded out, Barysevich said.

We have hundreds of vendors here, from all over the country. But among them, there are five or ten that have a superior product, he said. "Eventually, the market will identify the best of the best.

Read more:

AI faces hype, skepticism at RSA cybersecurity show - PCWorld