Artificial intelligence and machine learning - rather than Europe's General Data Protection Regulation – emerged as a key theme of the Infosecurity Europe Conference.
Many security vendors - particularly in the field of endpoint security - have been talking up the potential for artificial intelligence for years. That’s the view from up in the crowds while down in the ground machine learning has either been applied to automate the process of malware definition file creation or attack detection using pattern recognition. Done correctly, this results in security software with a smaller footprint. It isn’t magic but it is the coming thing and Infosec 2018 was awash with something that had been a fringe theme in previous years.
In a keynote speech that covered plenty of ground, former GCHQ director Robert Hannigan said that AI could be better for attack than for defence, noting "crime groups could use AI to find vulnerabilities".
AI-facilitated attacks have yet to actually happen but security firms are nonetheless taking the threat seriously and preparing for what might come around the corner.
Trend Micro's principal security strategist, Bharat Mistry, told El Reg that cyber-crooks might make use of machine learning and big data techniques to orchestrate ever-more sophisticated spear phishing attacks. Cloud computing resources might be abused to power such assaults, according to Mistry.
Artificial intelligence and machine learning present a double-edged sword that has the potential to benefit cyber security attackers as well as defenders.
Mikko Hyponnen, chief research officer at net security firm F-Secure, commented:
The fact is we are already using machine learning, in huge scale, in defence, and then the question is 'are we going to see attacks which use artificial intelligence?' Every company has to learn what machine learning is.
Everybody is speaking about this but that’s not good enough. You have to understand how you teach machines and what are the limitations.
AI and automation could be a driver for cybersecurity spending and behaviour in the next five years but its benefits could be outweighed by the skills required to work with it, according to a study by Infosecurity magazine, the companion publication of the Infosecurity Europe conference. ®