Network Security remains top of mind for all enterprises. Despite increased security spend, every day there are new security attacks, personal data records breached and corporate reputations tarnished.

The network edge has become the new battlefront for competitive differentiation. It is the point where an organization and its customers meet, where users engage, Internet of Things (IoT) devices connect, mobile transactions occur and it is the first line of defense against cyber-security attacks.

Few emerging technologies have garnered more interest lately than Artificial Intelligence / Machine Learning (AI/ML). Some believe AI/ML will ‘revolutionize the world’ and change how we work and play. However, what exactly is AI/ML, why is it important and where will it be used? This blog explores these questions and the role of AI/ML in cybersecurity.

What Are AI & ML?

Machine Learning (ML) is a field of computer science that uses statistical techniques to give machines or computer systems the ability to “learn” e.g., progressively improve performance on a specific task with data, without being explicitly programmed.  One of the simplest examples is autocorrect on your smart phone. Your phone may incorrectly change your child’s name the first time you enter it, however once you correct it, your phone quickly ‘learns’ the correct spelling for future use. In short, it learns based on your behavior.

Artificial Intelligence (AI), on the other hand, goes beyond ML. AI refers to machine intelligence, where machines can perceive their environment and take actions that maximize its chance of successfully achieving its goals; where machines have the ability to imitate intelligent human behavior. In summary:

• ML is an evolutionary step to AI
• While AI/ML are often grouped together and/or used interchangeably, they are different
• Solutions incorporating ML have been around for years
• AI solutions are emerging/future   

Why Are They Important?

In our ‘connected’ world, we are bombarded with information. The amounts of “data” traversing networks can be so astronomical that it is often impossible for us, as humans, to process, analyze and act on it. AI/ML allows us to harness this data and process it faster and more efficiently.  AI/ML provides actionable knowledge. According to ZK Research’s recent white paper,

Digital Transformation Success Requires a Smart Network Edge, AI and ML can bring order to networking, including RF, enabling applications and IoT devices to perform optimally.

Where Will AI/ML Be Used?

Experts believe that the initial focus of AI/ML will be in security and network operations use cases.  AI/ML can detect and deter security intrusions (as well as resolve network issues) faster and more proactively than humans. This means that it can resolve a security or network problem before it even becomes apparent to those operating the network.  ML/AI could be especially useful in identifying ‘Day Zero’ attacks. Until now, most security systems are developed to detect known signatures, which means the threat/anomaly must have been seen before, before the signature can be updated to find it in the future. ML/AI has the potential to address Day Zero issues. 

When Are They Available?

While there is much excitement around AI/ML, the reality is most deployments are in the early or pilot stage. Although many enterprises recognize its value and may have dabbled with it in their labs or in trial environments, there are few wide-scale deployments to date.

The Dark Side of AI/ML

One factor contributing to the cautious adoption of AI/ML is concern over its potential ‘dark side’. Any technology, including AI/ML, can be put to positive or negative use. For example, the same algorithms used by AI developers to design cyber security solutions can also be used by hackers to develop malicious bots. For those at attendance at the Black Hat  USA 2018 Security conference, healthy concern and skepticism over AI/ML in cybersecurity was evident (AI for cybersecurity is a hot new thing—and a dangerous gamble, AI & ML in Cyber Security – Why Algorithms are Dangerous)

AI/ML Will Never Replace Security Experts

While there is little doubt that AI/ML will play an important role in protecting networks in the future, it will never fully replace (human) security experts, nor can it be the sole technology that enterprises rely on.  Just as it takes a ‘village to raise a child’, it takes a ‘village of security experts, solutions & innovations to secure a network’.  And when you begin to feel you have things under control, the child becomes a teenager and you’re back to the drawing board.

Security is no different – threats that were inconceivable years, or even months, ago (case in point a casino’s high-roller information breached via a thermostat in the lobby fish tank) are now common place. Security is a journey, never a destination, and constant vigilance, review and upgrades are essential.

Considerations to Bolster Network Security

Where should enterprises start in bolstering network security? Here are some simple steps:

1. Risk Assessment / Identity Potential Vulnerabilities: The key to bolstering security in any network is to understand where you’re starting from.  All security initiatives must start with a risk assessment.
2. Layered Security Approach As highlighted earlier, securing networks requires a multi layered approach. This should include policy, segmentation/isolation, application telemetry, compliance, etc.
3. Industry Proven Solutions: Security is one area where sometimes it is best not to be on the cutting edge of innovation. While it is important to keep an open mind to AI/ML and other technological advances in security, rely on solutions that have a proven track record. Solutions, such as Extreme Fabric, that have participated in multiple hackathons, without one single breach. Or Extreme AirDefense  that has been providing wireless intrusion prevention services to leading Retailers and Financial Institutions for decades.
4. Open Ecosystem:  No one vendor or solution can address network security alone. The network must become an active participant in the security ecosystem, and work in conjunction with existing security solutions, such as firewalls, end system security solutions etc.  Having an open ecosystem approach to security is critical.

Want to Learn More?

Want to learn how to bolster network security? Register now for the 9/20 webinar, Is Your Edge Network Putting Your Business at Risk? Distinguished Systems Engineer and resident cyber-security expert, Ed Koehler will provide practical advice on how you can strengthen your edge security.

Also, watch our on-demand webinar Secure! – Are You Sure?, to learn how Extreme Fabric Connect provides inherent network security to enhance the security layers already present. You’ll learn how hypersegmentation, stealth, and elasticity and the design of your network can conquer cybersecurity threats.

Interested in learning how to optimize Wireless LANs with artificial intelligence and machine learning? See the Farpoint Group’s White Paper.

Finally, stay tuned for an upcoming blog where Ed Koehler will provide his candid thoughts on AI/ML and cybersecurity.