Why Autonomous AI is Needed in Cybersecurity

This week in AI we focus on Autonomous Artificial Intelligence and why it is sorely needed in the cybersecurity industry. As cyber attacks grow in variety, number, and complexity, there needs to be an equal response on the defense side with the adoption of autonomous defense systems which are capable of protecting against more advanced threats.

In an article on Autonomous AI written for Analytics Insight by Vivek Kumar, he states that because of the increase in cyber attacks every year, there is a need to upgrade to a fully automated defense system.

“With the advancements in technologies, it is projected that the future certainly holds the reality of Artificial Intelligence-driven cyber-attacks, where malware can self-propagate through a series of autonomous decisions and intelligently tailor itself to the parameters of the compromised system in order to become stealthier to dodge detection,” said Kumar.

An autonomous cyber defense system where algorithms are fighting against other algorithms on business’ networks is the future of cybersecurity, according to Kumar’s vision.

The AI would perform like a “cyber immune system,” by learning what’s normal, or ‘baseline,’ for the network, then monitoring for any deviations from this normal in order to detect never-before seen threats without relying on any prior knowledge.

MixMode has already adopted this technique where the AI will form a baseline of your network over the first 7 days. Then, once it has your baseline, it will constantly be scanning the network for abnormalities, and alert security professionals as soon as one appears, without having labeled it as a threat before.

DOD Seeks Autonomous AI System That Works Off of Baseline

The DOD is also seeking a security system that works off of a baseline in order to find anomalies on a network.

In a recent article published in FedTech Magazine, Phil Goldstien talked to the Pentagon’s Joint Artificial Intelligence Center Chief Lt. Gen. Jack Shanahan who said that data in the cybersecurity realm is more ambiguous and thus more difficult to classify.

To do so effectively, the DOD needs to establish a more solid baseline.

“What does normal look like so anomalies and variances in the system can be detected in the data?” Shanahan said, according to the DOD.

The DOD has about two dozen different cybersecurity vendors, and each collects data in its own unique way. Without standardization, the Pentagon will find it more difficult to train AI-based cybersecurity solutions to sift out when there is anomalous behavior.

“What does normal look like? If we’re trying to detect anomalous behavior, I have to know what the baseline is,” Shanahan said, according to Nextgov. “[That’s] much more challenging on cyber than it is on full-motion video or predictive maintenance or even in our humanitarian assistance [efforts].

Standardized data is also crucial for creating AI algorithms. To fully take advantage of AI, “the data problem has to be addressed,” Shanahan said, according to the DOD.

To do that, the JAIC is working with the NSA and Cyber Command to create a starting point for data curation, content, sharing and storage.

“Just on that agreement, I think we’ll have much more success down the road as we bring in commercial vendors to do product evaluation,” Shanahan said. “The challenge right now is they didn’t know the data they’d be seeing.”

Autonomous AI is Revolutionizing Cyber Defence

As we move towards a future where more and more of our physical environment and infrastructure are going online, we must remember that anything we digitize can become vulnerable to attack. That’s the concern Sanjay Aurora brought up in his article for CISO Magazine on why companies should start adopting Autonomous AI programs now.

“These attacks have the potential to compromise our most critical infrastructure by turning off the lights, disrupting transport systems, and ultimately threatening public safety. The past year has shown us that geopolitical tensions are beginning to be played out in cyberspace. Nation states will have to be on high alert to protect their energy grids, manufacturing plants, and airports from sophisticated cyber-threats,” he said.

Autonomous Cyber AI may prove to be the best line of defense against future AI attacks. Because of an autonomous AI system’s ability to form a baseline and find threats based off of seeing deviations from the norm on a network, it will be much easier to spot attacks even if they are using advanced methods because any attack will disrupt the normal daily workings of the network.

Ultimately, digital transformation is happening at such a pace that AI, especially in the area of cybersecurity, is being recognized as a ‘must-have’ in enabling companies to stay ahead of unpredictable threats. And once attackers turn to AI to supercharge their methods, cyber AI will be our most fundamental ally.

“Humans alone cannot detect the subtle, unusual behaviors indicative of today’s stealthy attacker, or at least, not before it is too late – networks are simply too big and too complex. And in an age where we’ll soon see machines fighting machines, far outpacing human security teams’ ability to keep up, arming up with cyber AI will be crucial to staying one step ahead of an ever-evolving adversary,” Aurora said.