HomeARTIFICIAL INTELLIGENCEWhy AI Is Not The Killer Application In Threat Intelligence

Why AI Is Not The Killer Application In Threat Intelligence

Threat Intelligence- There is no getting around the use of AI in cybersecurity either. Cyber-attacks have become more and more sophisticated, practical, and faster in recent years. To defend themselves, companies must be able to react to aggressive attacks in near real-time. In the fight against cybercriminals, AI disciplines such as machine learning, supervised and unsupervised learning, decision trees, and deep learning play a decisive role.

AI alone, however, is not the panacea in the defense against hackers. Co. emphasized NTT Ltd. Dieses points draw superior threat intelligence from Using AI can quickly analyze large amounts of data, unknown files with Threat Intelligence Platforms matched and in this way malware can be detected. Suspicious behavior patterns can be checked using existing rule catalogs.

Threat Intelligence- AI: Automated Search For Intruders

These methods can be used to identify potential intruders in the system. This happens entirely automatically, shortens the response time, and minimizes possible damage. Most companies have enough data from OT (Operational Technology) environments or IoT devices, but they do not have the necessary amount of richly coded training data. A Security Operations Center (SOC) like that of NTT Ltd. uses threat data from a wide variety of sources. It, therefore, enables in-depth insights that no individual company could put together or analyze with a reasonable amount of effort.

A correspondingly large and high-quality database is not only needed for the detection of anomalies. It is also a prerequisite for the continuous development of AI ​​systems. Poor data quality leads to poor AI, an inadequate detection rate, and ultimately poor security.

How good an AI algorithm is here depends crucially on the experts who “train” it. They have to feed their machine helpers with the necessary information and create security guidelines that they can further refine based on possible incidents or the results of their vulnerability searches. In so-called supervised learning, the analyst “teaches” the algorithm which conclusions it should draw.

Combination Of AI With Human Intelligence

AI only works effectively and without side effects in a team with human intelligence. The combination of continuously learning algorithms and well-trained experts makes it possible to identify new threats almost in real-time and react to them. In addition to the acceleration of the response time, another advantage is the accuracy in the detection.

Instead of getting bogged down in the tons of alerts that often turn out to be false positives, companies can focus their resources on risk reduction and strategic action. AI solutions can process information in nanoseconds and derive valuable suggestions, but not all information is relevant. The systems, therefore, need input from the analysts to understand the context of a security incident.

SOC Supports The Fight Against Cybercriminals

“Equipped with a sufficiently large and high-quality database, AI contributes rule-based knowledge and analytical accuracy for threat intelligence services. Nevertheless, it does not work without human intelligence. Because of the shortage of skilled workers, especially in the areas of AI and security experts, companies are dependent on the expertise of SOCs in the fight against cybercriminals,”.

“NTT Ltd. concentrates very precisely on precise markings when training his sophisticated analysis modules. To create models that can be used to identify malware specially developed to circumvent modern intrusion detection systems, we need numerous and varied examples of the behavioral patterns of cybercriminals and normal users. This is exactly what our global infrastructure provides,”.

The Security Division NTT Ltd. supports companies in setting up a digital business that complies with the principle of security-by-design. Based on threat intelligence, the company offers prevention, detection, defense, and response to cyber threats, while at the same time supporting business innovations and managing risks. 

ALSO READ: Security Awareness: 5 Tips For The Right Approach