CISOs overwhelmed by hype when assessing AI-powered cybersecurity solutions can ask three probing questions to separate the wheat from the chaff.
AI has tremendous potential to transform the cybersecurity industry. However, there is also bad news.
The good news first: the “good guys” are working to incorporate AI into cybersecurity solutions that can be used to automatically detect and prevent cyberattacks. These automated solutions can prevent phishing emails from ever reaching your inbox, and also reduce the time-consuming false positives plaguing IT teams.
The bad news is that the same technology is being used to create more realistic phishing emails and to speed up the process of creating malicious files.
Unfortunately, it can be difficult to understand what is real and what is simply marketing fluff. As with any new technology, there is a learning curve, and many firms are adding AI capabilities only now. When your job is to protect your company from the ever-growing threat landscape, what questions should you ask when assessing possible solutions for your cybersecurity strategy?
Three crucial questions
Approach AI solution vendors as you would a candidate for a job on your team. Assess effectiveness, utility and trustworthiness.
- How is the AI being used to augment cybersecurity capabilities? One benefit demonstrated by famous past AI breakthroughs is creativity and the ability to make previously unheard-of, yet ingenious, decisions. For example, in 2016, in a Go match, an AI opponent made a move that confused even the experts, who thought it was a strange mistake. But Move 37, as it came to be known, was actually the turning point for the match. It was not a move a human would have made.
Similarly, look for a solution that uses AI to prevent threats that other vendors cannot even yet detect. Ask about their innovation cycle and what threats they see on the horizon.
- What is the level of AI expertise? With the current popularity of AI, many organizations are rushing to add some level of AI capabilities to their products. But in this economy, CISOs are being asked to run operations more efficiently and need to justify budgets.
There is no need to pay for limited AI capabilities. Ask for third-party validation of their AI solution’s accuracy to determine whether they are providing real value or simply creating more noise and false alerts.
- Can a vendor’s particular AI be trusted? AI models are only as good as the quality and quantity of the data they are trained with. According to Stanford Professor James Zou, “One of the best ways to improve algorithms’ trustworthiness is to improve the data that goes into training and evaluating the algorithm.”
So, look for a solution that provides real-time threat updates and is being trained by a large customer base. The more customers, the more training data available for the AI. (Editor’s note: Readers need to be aware of precedents in AI bias and data poisoning incidents that occurred with more training data.)
With the rate and sophistication of cyberattacks increasing every year, cybersecurity leaders will need every advantage available to protect data, teams and stakeholders. AI may offer a powerful advantage, as long as we are deploying trusted solutions that move beyond hype to reality.