One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8413357 |
| Date de publication | 2023-11-17 12:01:12 (vue: 2023-11-17 12:07:31) |
| Titre | Démystifier l'IA et ML: six questions critiques à poser à votre fournisseur de cybersécurité Demystifying AI and ML: Six Critical Questions to Ask Your Cybersecurity Vendor |
| Texte | As cyber threats continue to evolve at an unprecedented pace, many organizations are turning to artificial intelligence (AI) and machine learning (ML) in hopes of keeping up. While these advanced technologies hold immense promise, they\'re also more complex and far less efficient than traditional threat detection approaches. The tradeoff isn\'t always worth it. And not all AI and ML processes are created equal. The models used, the size and quality of the data sets they\'re trained on-and whether an advanced computational process is suitable for the problem at hand-are all critical factors to consider when deciding how both AI and ML fit into your cybersecurity strategy. In this blog post, we explore the vital questions you should ask your cybersecurity vendor about these technologies. We will also demystify their role in safeguarding your people, data and environment. Note: Though often conflated, AL and ML are related but distinct concepts. For simplicity, we\'re using AI when discussing the broader technology category and ML to discuss narrower learning models used in AI. Question 1: Why is AI suitable for this security problem? You\'ve probably heard the old saying that when your only tool is a hammer, every problem looks like a nail. While AI has rightly generated enthusiasm in cybersecurity, it may not be the optimal approach to every task. On one hand, the technologies can help analyze large amounts of data and find anomalies, trends and behaviors that indicate potential attacks. And the technologies can automate response and mitigation of security incidents. But depending on the size and complexity of the learning model, they can also be computationally intensive (read: expensive) to maintain. And worse, execution time can be much longer than less complex approaches such as rules and signatures. On the other hand, rules and signatures are static, so they don\'t automatically evolve to detect new threats. But they\'re also fast, easy on computing resources and highly effective for certain aspects of threat detection. Other signals, such as email sender reputation and IP addresses, can also be as effective as AI for many detections-and in most cases are faster and much more cost-effective. Getting AI right starts with understanding what cybersecurity tasks they\'re best suited to and applying them to the right problems. In the same vein, how the technology is applied matters. In cybersecurity, every second counts. Making decisions in real time and blocking malicious content before it can be delivered is today\'s key challenge. If the processing time of the vendor\'s AI means the technology is relegated solely to post-delivery inspection and remediation, that\'s a major drawback. Question 2: Where do you get your training data? The performance of ML models hinges on the source and quality of their data. That\'s because AI models learn from examples and patterns, not rules. And that requires a large amount of data. The more data, and the higher the quality of that data, the better the model can learn and generalize to new conditions. Like any ML model, those used in cybersecurity need a wide-ranging, diverse data set that accurately reflects the real world. Or more precisely, the data used to train your vendor\'s AI model should reflect your world-the threats targeting your organization and users. Finding data for general-purpose AI applications is easy. It\'s all over the internet. But threat data-especially data well-suited for the type of ML model the vendor intends to use- is scarcer. Gaining malware samples is a lot harder than acquiring data used in applications such as image and natural language processing. First, not much attack data is publicly available. Most security vendors hold on tightly to the threat data they collect, and for good reason. Beyond the obvious competitive advantages it offers, threat data is sensitive and comes with a bevy of privacy concerns. As a result, few cybersecurity vendors have a dataset large enough to trai |
| Notes | ★★ |
| Envoyé | Oui |
| Condensat | ability about account accuracy accurately acquiring activities adapt adding additional addresses advanced advantages against aggressive aided ai alarms alike all allows alone also always amount amounts analysts analytical analyze anomalies any apart applications applied applies apply applying approach approaches are area artificial ask aspects assessment assessments asthana attack attacker attackers attacks attempts attribution auc automate automatically available avoid aware because been before beginning behavior behaviors behind benefits benign best better bevy beyond blocking blocklists/safelists blog both breadth broader business but buyer buying called can capability capture cases category cause certain challenge change changes characteristic choose circles claims clouds collect com/us/solutions/nexusai comes common commons compare competitive complement complete complex complexity compliant computational computationally computing concepts concerns conditions conflated consider considering constant constantly content context continue continuously correct correctly corrupt cost costs could counts craft create created creative creativity credit: critical crucial curve curve” cyber cyberattacks cybersecurity data datapoints dataset datasets day deciding decisions defensive defined: degrading deliberate delivered delivery demystify demystifying depending detect detecting detection detections determination different disclose discuss discussing distinct diverse domain don done drawback drift drowning easy effective effectiveness efficacy efficiency efficient email encode encountered engine enough ensure enthusiasm entrants environment equal equation error especially evade evaluating even event every evolve evolving example examples execution expected expensive expert expertise experts exploit explore expressed external factor factors false far fast faster feedback find finding first fit flaws flood focus fool from fully funding gaining gauge general generalize generated geography get getting gimmick give giving good graphic hammer hand harder has have heard heavily help here high higher highly hinges hold hopes how https://www human hype ideally identified identify image immense impact important improvement inbox incidents include includes incorrect indicate indicates industry inefficient injecting inputs inspection intelligence intends intensive international internet involve isn issue its just keeping key know knowledge known labelled lacks language large layers learn learning less leverages license like limitations limited long longer look looking looks loop” lost lot low machine made maintain major make making malicious malware manipulate many market marketing matters may meaningfully means measure measures mechanisms metrics metrics: minimize misclassified misleading miss mitigate mitigation ml: model models modified morass more most much multiple nail narrower natural need needs new nexusai noise not note: novel number obvious occurs offers often old one only operating operational operations optimal organization organizations other out outside over pace part particular partner party patterns people per performance performed platforms point poisoning policies positive positives possible post potential powerful practices precisely precision predictions privacy probably problem problems process processes processing production products promise proofpoint proportion protect protection providing publicly purpose quality quantifies quantify question questions quickly range ranging rate rather reach reacts read: real reason receiver recent reflect reflects regularly regulations related relegated relevant reliability reliable reliably relies remediation remember reminder rep reputable reputation requires researchers reserve resources response result right rightly risks roc role rule rules safeguarding sales same samples saying scale scarcer scenarios science scientists sea second secure security seeing self sender sensitive separate services set sets share should shows signals signatures simplicity simply six size sl |
| Tags | Malware Tool Vulnerability Threat |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.