Can technology and cognitive computing help us minimize cyber crime?
Innovation and cutting-edge technology exists in an environment where cyber crime is the norm. Each new technology evolution seems to beget increasingly agile cyber criminals bent on outwitting cyber defenses. Can we use technology to defeat these cyber criminals?
Minimizing cyber crime
The answer is likely that we can’t because cyber crime is on the rise. Threat actors continually exploit technologies such as artificial intelligence, cognitive computing and connected devices to commit intentional harm. Already, pundits are predicting cybersecurity threats for 2017 and beyond. Recently, I had an opportunity to discuss with Scott Schober, author of Hacked Again (ScottSchober.com Publishing, March 2016), and Shahid Shah, cybersecurity and risk management consultant, how technology and cognitive computing can minimize cyber crime.
How much do you buy the argument that technology is moving faster than the threats?
Scott Schober: I think there is some truth to it in certain niche areas. Obviously, not in all areas because we see how many threats are there. Again and again, we keep hearing about breaches and threats, but in certain niche areas they are really focusing on technology. And some of this advanced threat detection, in which real-time solutions are crunching the data, could stop these threats immediately.
Shahid Shah: Agreed, Scott. To me, cognitive computing is really about using all the sensors that we have in our businesses as our eyes and ears to make sure that our businesses have great visibility into how our customers are being served. So, what’s cool about some of the technologies we are seeing today is that there is now a consensus that humans shouldn’t have to do everything on their own; let’s use humans in the areas where they can be most effective. That use means letting the machines do what the machines do well, which is pattern recognition and maybe even trying to figure out some relationships between bad actors that we couldn’t find on our own.
There seems to be a lot of self-service with cognitive computing. How much of it are you seeing in the industry?
Schober: I think it’s still developing. But what’s nice about it is that it is adding different layers of dimension. As you mentioned, you’ve got different sensors that are feeding in this information. Now you are building it and making intelligent decisions, and you can do it much faster. I even liked the analogy in one of the sessions at i2 Summit about body cameras. Maintaining security is very important but the challenge is, how do you look at all this video? I think more than half the video is not even looked at because not enough humans are available to do it. When you bring cognitive computing and other analytics into it, you can start analyzing this data for specific patterns, really assess the threats and then you can take actionable items, which is beautiful.
Shah: When you look at the idea behind machine learning and artificial intelligence, it always seems like it is science fiction or it is just one year away or two years away. At least with the demos that we saw at the i2 Summit for a Safer Planet, we are really not that far away. It looks like there’s still a good amount of human intervention that’s necessary to teach the machines what to do, but that’ll improve quickly. I’m really looking forward to a time when the machines can tell us more than we can discover ourselves and especially on the explicit and implicit relationship discovery side. I think what I’d be looking really forward to is how can we get the next level of smarts; cognition really comes to me when it determines relationships—not so much entities but the actual relationships.
Even though there is a lot of technology available, if you don’t have the personnel to use that technology, you can’t really move forward. What are your thoughts?
Schober: One thing Frank Abagnale Jr said at the i2 summit is that best practices have to be implemented when we think about cybersecurity. [Editor's note: Abagnale’s life story inspired the 2002 Academy Award–nominated feature film Catch Me If You Can, which stars Leonardo DiCaprio, who played Abagnale.] He even highlighted the point that it’s everywhere from the CEO to the janitor. That really means everyone within the company has to get it. They have to think cyber. If they don’t think cyber, all you need to find is one vulnerability in the company, and it is usually a human. It can be an insider threat, a weakness, somebody compromises a password or login credentials. It doesn’t matter what it is, all you need is that one person. If you don’t educate the entire company, how strong could it be?
Shah: Yes, the other thing that Frank really talked about that resonated with me—because I often say the same thing myself—is that a lot of our breaches are just failures of leadership. He mentioned that “a breach happens because either someone did something wrong or someone didn’t do something that they were supposed to do.” It looks like we are lacking the permeating of cybersecurity and risk management through our workforce optimization and workforce education. From just an education perspective, nobody asks people every day, “did you lock your front door today?”
But, cybersecurity is something we are not really comfortable with, so we need to ask people to do the obvious—regularly. Our parents teach us to lock our doors, be careful and watch both ways before we cross the street. That simple stuff that we learn as we are growing up gets ingrained in us, but the digital stuff doesn’t come as second nature. We are not teaching it in schools; we don’t teach children how to be safe in cyber space. We are not even teaching it in cybersecurity classes.
I do a lot of training in the US government. We run across many analysts there that are experts in their fields, who are just now learning how to do basic network protection, how to do basic software protection. I think we have got to figure out how to permeate this further—not just education of a workforce, but really educating elementary school students, educating teachers all the way up.
What are your thoughts? Can technology and cognitive computing help us minimize cyber crime? Join us at IBM Insight at World of Watson 2016 to learn more.