IBM unleashes Watson on cybercriminals

IBM's AI powerhouse will help analysts tackle growing security threats

Cybersecurity analysts will soon have the help of an AI supercomputer in the campaign against online criminal activity, as IBM has revealed Watson is now ready to take up the fight by helping analysts crunch data faster.

Until now, IBM's Watson has been largely used in the development of apps, and creating improved customer services, although its most talked-about application has been in healthcare, where Watson is used to help with clinical decisions in hospitals around the world.

But over the past year, IBM has been slowly feeding its AI pet with millions of security documents and research reports to the point where the technology is now ready to be released to help organisations fight back against hackers.

Watson for Cybersecurity will be integrated into IBM's new Cognitive Security Operations Centre (SOC) platform, creating the IBM QRadar Advisor app, a tool that will allow users to tap into Watson's copious amount of security know-how to augment human intelligence.

"The Cognitive SOC is now a reality for clients looking to find an advantage against the growing legions of cybercriminals and next-generation threats," said Denis Kennelly, VP of development and technology at IBM. "Our investments in Watson for Cybersecurity have given birth to several innovations in just under a year. Combining the unique abilities of man and machine, intelligence will be critical to the next stage in the fight against advanced cybercrime."

IBM QRadar Advisor in action using Watson's intelligence gathering

The aim is for Watson to help cut down on the tens of thousands of hours that analysts currently spend sifting through security reports, according to IBM, and to prepare for an anticipated doubling of security incidents over the next five years.

In-field testing has already been successful inside 40 organisations across the world, including Avnet at the University of New Brunswick, and technology consultancy firm Sopra Steria.

"Today's sophisticated cybersecurity threats attack on multiple fronts to conceal their activities, and our security analysts face the difficult task of pinpointing these attacks amongst a massive sea of security-related data," said Sean Valcamp, CISO at Avnet. "Watson makes concealment efforts more difficult by quickly analysing multiple streams of data and comparing it with the latest security attack intelligence to provide a more complete picture of the threat."

Watson will be able to assist investigations by using its natural language processing power across blogs, websites, research papers and other security sources including data from the QRadar app, shortening the time it takes to process incidents from "weeks and days, to minutes".

IBM said it will help customers "design, build and manage SOC centres globally", and has already built 300 over the past five years, with options to have Watson's new capabilities built in via on-premise or cloud systems. The SOCs also draw upon IBM's portfolio of security features, including i2 and IBM X-Force Exchange. The technology giant has even developed a Watson-powered voice assistant named Havyn, capable of interacting with analysts on real-time threat updates and monitoring the health of an organisation's security.

IBM is clearly jumping on a burgeoning market, as while only 7% of security professionals are currently using cognitive tools today, according to a recent survey from the vendor, usage is expected to triple over the next three years.

Images courtesy of IBM

Featured Resources

Five lessons learned from the pivot to a distributed workforce

Delivering continuity and scale with a remote work strategy

Download now

Connected experiences in a digital transformation

Enable businesses to meet the demands of the future

Download now

Simplify to secure

Reduce complexity by integrating your security ecosystem

Download now

Enhance the safety and security of your people, assets and operations

Enable a true vision of security with an engineered solution based on hyperconverged and storage platforms

Download now

Recommended

'Largest ever' Magecart hack compromises 2,000 online stores
hacking

'Largest ever' Magecart hack compromises 2,000 online stores

15 Sep 2020
Infocyte integrates with Palo Alto Networks Cortex XSOAR
cyber security

Infocyte integrates with Palo Alto Networks Cortex XSOAR

19 Aug 2020
Andrew Daniels joins Druva as CIO and CISO
Cloud

Andrew Daniels joins Druva as CIO and CISO

22 Jul 2020
University of California gets fleeced by hackers for $1.14 million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020

Most Popular

Accenture ploughs $3 billion into cloud migration support group
digital transformation

Accenture ploughs $3 billion into cloud migration support group

17 Sep 2020
Google takes on Zoom with launch of Meet hardware
video conferencing

Google takes on Zoom with launch of Meet hardware

16 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020