Why being human still matters in the world of cyber security
When the adversary is a wily and creative human, only man and machine working together can defeat them
Disciplines such as artificial intelligence and machine learning are playing increasingly important role in cyber security, but not at the expense of human intellect.
This is one of the key messages from the first day of McAfee MPOWER, the company's annual security conference in Las Vegas.
Indeed, one of the company's two new product launches, Investigator, has this complementary approach of human and machine at its very heart.
Speaking during a press panel on "human machine teaming", McAfee CTO Steve Grobman explained why in cyber security the human element remains so vital, whereas advanced analytics and AI is replacing humans in other disciplines.
"I think cyber security is a fundamentally different field to many other areas where artificial intelligence, machine learning is being used, Grobman said. "The example I like to give is weather forecasting [because] as we get better at forecasting weather, the laws of physics don't get upset and decide to change the way water evaporates. As we get better over time at forecasting where hurricanes are going to land, we make continuous progress.
"What makes cyber security such a different field than almost everything else in natural science that's using these same technologies is there's an adversary applying game theory on the other side of the table that's going to change the game. What machines are not good at is recognising human intellect you really need humans to understand human intellect."
Celeste Fralick, chief data scientist at McAfee, said the important thing is to use both AI and human resources rationally and where they can be of greatest value.
"We're dealing with humans and we have to act like humans back," she explained. "But at scale, you don't have an opportunity to do that logically with that amount of data [coming in] so you're going to have to do something different."
Machines, she said, should be used for tasks like summarising data, identifying patterns and making predictions, while humans should do more creative thinking at a human level, such as what the adversary may be doing. Based on that and the information provided by the data science capabilities, humans should then be the ones to decide what level of intervention is required and plan out next steps.
"Cyber security far outweighs [other disciplines in] the variety of data and the amount of data that's coming in because [cyber-attacks are] human driven [and] machine driven," Fralick explained. That pairing, she said, has to be reflected in how cyber security vendors respond to the threat.
Main image credit: Bigstock
The IT Pro guide to Windows 10 migration
Everything you need to know for a successful transitionDownload now
Managing security risk and compliance in a challenging landscape
How key technology partners grow with your organisationDownload now
Software-defined storage for dummies
Control storage costs, eliminate storage bottlenecks and solve storage management challengesDownload now
6 best practices for escaping ransomware
A complete guide to tackling ransomware attacksDownload now