Machine learning can help filter the increasing noise on complex IT networks to spot the emerging cyber threats that pressured tech teams might miss.
Emily Orton, director at Darktrace, a company applying machine learning algorithms to cyber security, said that such smart software is a means for IT teams to keep up with the constant onslaught of new and persistent cyber threats.
“Threats are getting so complex now and fast moving that it’s become very, very difficult to pre-define what bad looks like in advance and at the same time our organisations and networks are getting more and more complex; we’re struggling with our own complexity as well as the complexity of the threat landscape,” she told TechWeekEurope at IP Expo 2016.
“It’s become really, really hard for security officers to catch up with all of that, you need an automated system to give you visibility of everything that’s going on.”
She explained that Darktrace uses a method of unsupervised machine learning which scans a customer’s entire network, right down to the behaviours of individuals and lone devices, and analyses that information to learn what is considered normal activity for that network.
Then, using methods based on probabilistic mathematics, the system can filter through all the noise of activity on the network and calculate what is a genuine anomaly in activity, and thus a potential threat, rather than sending constant alerts to beleaguered IT departments.
Using machine learning this way not only allows for major visibility into network activity but also helps spot emerging threats that even cyber security experts might miss amongst the day-to-day network noise.
“Emerging threats are very difficult to categorise in advance; it might be as simple as a user who’s decided to contravene policy in order to send source code home on the weekend because he wants to work on his development project over a couple of beers,” said Orton.
“Now that’s not going to fall into any particular category but it’s an emerging threat and it’s potentially opening up the company to vulnerability.”
But with machine learning, changes in behaviour that might be ignored by human security specialists or more traditional end-point protection software can be spotted.
“In the future what we anticipate is not only self-learning detection, but also self-defending networks; a machine learning technology that takes action, which is targeted, measured, proportionate action on your behalf while you have time to catch up,” explained Orton.
“Because the reality is you’re never going to be able to catch that ransomware attack or that automated attacker quick enough with the speed of threats today.”
For the full interview with Orton, check out the video above.
Machine learning is increasingly finding its way into various software including Google G Suite.