The War of Artificial Intelligence

With the arrival of artificial intelligence and machine learning in the world of cybersecurity, the intervention of man in the defense against cyber-attacks is becoming less and less necessary. Robots have shown that they do that job better.
In the framework of the annual cybersecurity report delivered by Cisco for 2018, Luis Garzón, a Cisco security expert, explained how new technologies are improving the cybersecurity of organizations. For the professional, these trends have shown to do a more efficient job than a person could do when identifying and reacting to a digital threat.

"These techniques of machine learning and artificial intelligence aim to be seeing the reality of things and predict them in a hidden or encrypted way and thus be more proactive and not so reactive to the risks of cyber-attacks," said Garzon at the time to explain that the process of detecting a threat and reacting to it would take more time for a human than for a machine with these technologies.

Regarding the above, the professional ensures that in the iconic case of cyber-attacks that was registered in 2017, Wanna Cry, companies that by then had security systems equipped with machine learning and artificial intelligence could respond satisfactorily to such threat.

"Several companies have this technology, and in fact could avoid being victims of Wanna Cry because they identified the traffic pattern that generated the incident. This was famous because in a few minutes many machines were infected. As Cisco we did many actions in each network and we started to identify how the attack was reproducing in an organization, that way the strategy was developed to mitigate the threat, "explained Garzón.

And is that security in organizations, for Cisco, should not be an alternative, Garzón said that, as the network grows on the Internet, in the same way increase the cybercriminal organizations.

"The sophistication of malicious programs is growing as cybercriminals begin to incorporate services in the cloud and bypass detection through encryption, using them as a tool to hide command and control activity," Cisco said. his most recent study the tendency in the professional world is to invest in tools that incorporate artificial intelligence and machine learning to defend against such threats.

However, the 3,600 information security managers interviewed for the report revealed that these technologies have a disadvantage and is generating false positives when identifying unusual traffic, which is the strategy used to detect a threat.

In this regard Garzón says that, although they have identified such problems, the idea is that artificial intelligence and machine learning can be learned as they work in the organization, so that over time they become more specialized and decrease their false positives record, that is, false alarms.