ARTIFICIAL INTELLIGENCE IN CYBERSECURITY

Prepared By: Mohan Rajanna

Georgia State University: J.Mack Robinson college of Business
CIS 8080 – Security and Privacy Information Systems

10/06/2018
Version: Final

Document Sensitivity: Confidential

Contents
• Recommendation
• What is Artificial Intelligence
• Problem Description - Why do we need AI in Cybersecurity
• Course of actions
• Critical Factors
• Key Success Criteria
• Alternative Solution
• Restated Recommendation - Summary
• Point of Contact
• Sources
 Recommendation

Build & implement Artificial Intelligent machines

to identify, mitigate and prevent cybersecurity
threats in any organization.
What is Artificial Intelligence
• Simulation of computer system in a smarter way that it can perform tasks which normally need
human intelligence, such as decision making, analytical ability, speech recognition and visual
perception.
• Artificial Intelligent computers can match or even exceed humans

Components that enable AI :

Learn
• Machine Learning
• Deep Learning
• Visual recognition
• Natural language processing
• Cognitive computing

Action
Problem description - Why do we need AI in Cybersecurity
• Rate of growth in Cyber threats or attacks
• Complexity of attack mechanism
• Cyber attacks claim the cost of more than $100 billion every year

• Lack of Security Professionals to counter cyber threats

• According of research, currently 200,000 security jobs are yet to be filled in United states
• The need to have security professionals has expanded due to growth in cyber threats
• Any missed vulnerability can cost billions to company

• Common Human limitations (* depends on individual)

• Human brains can only process a limited number of Information at any given point
• Human personnel take time to resolve security incidents accurately
• Normal working hours are from 8 am - 5 pm
• Making sense out of large amount of data
• Bodily problems may lead to absenteeism
• Need a break to relieve work stress
• Statistically, the average cost due to absenteeism is more than $200 billion annually in the United States
• These limitations are utilized by attackers for their advantage
Course of Actions
• Knowledge data gathering:
Identify different types of security threats and their patterns by selecting threat intelligence from
millions of security research papers, podcasts, and news stories. These stories on threats and
attacks will act as a data repository for artificial intelligent machines to build their algorithms.

• Requirements establishment:
Determine what organizations need and would like to implement through artificial intelligence and
establishing effective business and technical requirements for any organizations would help to build
these Intelligent machines.

• Design and Develop intelligent machines:

After determining the needs of the organizations, Design and build Intelligent machines using the
supervised or unsupervised algorithms using the knowledge dataset as input for the cyber threat
vector.
Course of Actions
• Test intelligent machines:
Test these smart machines to see if they meet the organization’s objectives or vision in
countering the cyber threats.

• Implementation management:
Installing intelligent tools depending on the type of organizations and their business needs.
These smart machines will be production ready to identify, prevent and highlight any cyber
threats to organizations.

• Regular compliance:
Regular update to the threat intelligence knowledge database constantly to stay ahead and
detect any vulnerabilities. Intelligent algorithms to update the dataset automatically reduces
human effort to update the knowledge database.
 Critical Factors
• Knowledge database accuracy:
The ability to access security research papers and news stories and their availability influences the collecting of
raw data to build intelligent systems. Also, the amount of accurate data directly affects the intelligence and
performance level of smart machines.

• Business Analysis effectiveness:

Effective Business Analysis needs to be undertaken to integrate Business need with technology to derive
required intelligent cybersecurity solution.

• Build and Quality assurance outcome:

Developers and Testers possess sufficient knowledge of building smarter algorithms and are provided with
adequate infrastructure to accomplish the required result.

• System implementation:
System administration and service operations with the knowledge necessary to configure and install intelligent
machines to run in the production environment.

• Configuration management:
The ability of AI machines to install tools to update the knowledge database regularly with the no or
insignificant help of security personnel.
Key Success Criteria
• Learn and detect cyber-threats:
AI systems can learn various types of attacks and their defence mechanisms using
knowledge database using machine learning, deep learning, Visual perception & voice
recognition on their own.

• Adhere to the organization’s vision:

Smart or Intelligent machines to adhere to the Business needs and objectives of any
organization.

• Seamless protection to Cyberthreats:

Provide round the clock defence against cyber-attacks or threats.

• Minimize time for reporting and research:

Eliminate or minimize time-consuming research by curating risk analysis reports to make
critical decisions.
Key Success Criteria
• Faster security incident resolution:
Resolve security Incidents quickly by smart detection and prevention mechanisms. Intelligent machines
make use of the various machine and deep learning algorithms to achieve this.

• Reduce False alarms:

Reduce or eliminate any false positives without causing any system damage.

• Minimum maintenance:
Minute changes required to maintain the system.

• Auto compliant with knowledge database:

Automatically update knowledge database with smart technology that can locate security threat updates
or news with no or minimal help of security personnel.

• Cost effective solution

The AI solution for cybersecurity should fall within the budget constraint of an organization.
 Alternative Solution

The following summarizes the alternative approach for an organization to counter cyber-
threats:

• Build dedicated Cybersecurity team:

A team of dedicated security professionals need to be built, to identify, monitor and counter
cyber-threats round the clock.

• Hire & Train Security Professionals:

Security personnel of an organization needs to be trained on various threats to ensure they
meet the objectives of organization’s risk appetite.

• Build Cybersecurity awareness:

Establish cybersecurity awareness campaigns for employees to be aware of cybersecurity
threats.
Restated Recommendation - Summary
Building and installing the Computer systems that meets the definition of artificial intelligence and success
criteria can benefit any organization in countering the cyber-threats:

• Increase the speed of analysing the cyber threats

• Identifies any application vulnerabilities
• Provides deeper insights than what humans can do alone
• Decreases the workload of IT security personnel
• Accelerates the containment of infected endpoints or devices
• Increases the productivity of IT security personnel
• Reduces the average amount of relevant experience that security personnel need to have to
investigate and contain cyber threats
 Point Of Contact
To enable Artificial Intelligent machines in your organization for Cybersecurity, please contact :

Mohan Rajanna

Designation: Chief Information Security Officer (CISO)

Company: AI Consulting group for Cybersecurity
Address: Atlanta, Georgia State University
Email: mrajanna1@student.gsu.edu
Ph: 6784628110
Sources
• IBM Security and AI FAQs. (n.d.). Retrieved October 06, 2018, from https://fpf.org/artificial-intelligence-and-machine-
learning-primer-resources/

• Machine learning. (2018, October 04). Retrieved October 06, 2018, from
https://en.wikipedia.org/wiki/Machine_learning

• AI is the future of cybersecurity. (2017, August 08). Retrieved October 06, 2018, from
https://www.ibm.com/blogs/watson/2017/08/ai-is-the-future-of-cybersecurity-how-watson-helps-detect-threats-
faster-and-better-protect-your-organization/

• Ponemon Impact of AI. Retrieved October 06, 2018, from

https://public.dhe.ibm.com/common/ssi/ecm/41/en/41017541usen/ibm-ai-report-final-1_41017541USEN.pdf

• Artificial Intelligence for Smarter Cybersecurity | IBM. (n.d.). Retrieved October 06, 2018, from
https://www.ibm.com/security/artificial-intelligence

• IBM Artificial Intelligence and Cybersecurity For Dummies, IBM Limited Edition IBM. (n.d.). Retrieved October 06, 2018,
https://www.ibm.com/security/artificial-intelligence