McAfee is In­te­grat­ing AI for Im­proved Cy­ber­se­cu­rity

Distinguished Magazine - - CONTENT - NAMRATA GULATI SAPRA

This in­te­gra­tion brings a whole new vol­ume of re­sults, and ac­cord­ing to him is much bet­ter than either of the tech­nolo­gies work­ing alone. When Ar­ti­fi­cial In­tel­li­gence (AI) is com­bined with Threat In­tel­li­gence (TI), it yields mul­ti­ple ben­e­fits. This is what is be­ing em­pha­sized by Steve Grob­man, se­nior vice-pres­i­dent and chief tech­nol­ogy of­fi­cer (CTO) at McAfee. In­fact, sim­u­la­tions are show­ing the com­bined ef­fects of both th­ese tech­nolo­gies and McAfee is ac­tively vouch­ing for that.

While speak­ing to the par­tic­i­pants at the 2018 MPower Cy­ber­se­cu­rity sum­mit in Las Ve­gas, Grob­man pointed out that this in­te­gra­tion brings a whole new vol­ume of re­sults, and ac­cord­ing to him is much bet­ter than either of the tech­nolo­gies work­ing alone. The ef­fect of en­hanced threat de­fense ca­pa­bil­i­ties is some­thing that hap­pens au­to­mat­i­cally once the ad­van­tages of AI, Ma­chine Learn­ing (ML) and Data Sci­ence is com­bined.

THE RIGHT WAY OF THREAT DE­TEC­TION AND RE­DUC­ING HIGH COSTS

While threat in­tel­li­gence on its own in a ma­li­cious code sim­u­la­tion en­vi­ron­ment iden­ti­fies the per­ceived threats, there is al­ways a chance of many new ma­li­cious codes be­ing uniden­ti­fied.

Ac­cord­ing to Grob­man, it is, of course, pos­si­ble to have a high de­tec­tion rate even if a sin­gle model was used. In­fact about a 95% de­tec­tion pos­si­bil­ity is achiev­able but the chances are strong that some of the le­git­i­mate ap­pli­ca­tions tend to be stamped as ma­li­cious. Then there is the cost fac­tor as well which in many cases can turn out to be a huge sum caus­ing a whole of a pinch on en­ter­prise IT bud­gets.

At the same time, if a com­bi­na­tion of ML and threat de­tec­tion is used, then ap­pli­ca­tions can at the first stage be eas­ily clas­si­fied into safe or risk cat­e­gories and only the un­known samples need to be worked on ML for de­tec­tion. This pro­tects many a good sam­ple and is a cost re­stric­tive fac­tor as well.

PROD­UCT DE­VEL­OP­MENT AND ML AT MCAFEE, THE FU­TURE

Point­ing out to McAfee’s vision on the same, Grob­man said that the com­pany stated in 2016 when the end­point Real Pro­tect Static started to use ML to de­ter­mine if there was some­thing ma­li­cious. Within one year, it was fol­lowed by Real Point Dy­namic which was more ad­vanced by look­ing into ap­pli­ca­tion be­hav­ior. He also an­nounced the near-to- ready re­lease of the third point in this vari­ant which is known as Real File­less Mal­ware to counter the new threat of what in­dus­try has termed as File­less Mal­ware.

In his key­note ad­dress, Grob­man em­pha­sized the abil­ity of teleme­try data and ad­vanced an­a­lyt­ics to have ac­tion­able in­sights. It needs to be re­mem­bered that the CEO of McAfee had pointed out to this be­ing the fu­ture prod­uct de­vel­op­ment vision of McAfee.

TELEME­TRY

This teleme­try will take the form of a pipeline which will store the data and then redact and an­a­lyze it for a spe­cific pur­pose when re­quired. This cy­ber­se­cu­rity teleme­try will pro­vide the re­quired in­puts for or­ga­ni­za­tions to base their fu­ture plans. He backed it up with an ex­am­ple wherein he said that McAfee will be de­vel­op­ing a real-time sys­tem that can pro­vide a view across the world on the threats faced ev­ery day and ev­ery sec­ond. The re­search on the same is go­ing on as part of the prod­uct de­vel­op­ment plan of the com­pany.

Newspapers in English

Newspapers from India

© PressReader. All rights reserved.