Beyond being a cliché, “artificial intelligence” and its associated automation technologies have driven major developments in security, signifying that important changes have occurred in this field. In the field of cybersecurity, artificial intelligence refers to systems that acquire data, trace patterns, and forecast trends. Typically, this application is performed using machine learning, neural networks, or other high-performance data processing algorithms. There are limited domains in which an AI-driven system is more effective than humans or conventional security systems, such as detecting security threats, connecting unrelated incidents across various geographical or logistical contexts, and examining large datasets for subtle attack indicators that are often missed by humans or conventional security systems.
While traditional automation is constrained to predefined instructions, intelligent automation leverages artificial intelligence through playbooks and reasoning processes. This enables systems to analyze the outcomes they receive, make suitable decisions, or perform a series of predetermined tasks beyond simple ‘if-then’ rules. A simple example is a system that detects a malicious device and, if appropriate, isolates the bad actors by isolating the device. Such devices can suggest removing the malicious endpoint from the network or implementing a specific set of controls without the manual approval of security personnel.
Read the original article: