IBM: Cybersecurity is a game of wits, and AI gives us the edge

16 Mar 2017

IBM Security chief product officer, Denis Kennelly. Image: Connor McKenna

IBM Security’s Denis Kennelly is one of those at the frontline of the battle for cybersecurity, and he believes IBM Watson and AI give it the edge in what he describes as a game of wits.

In a future where billions upon billions of devices are expected to form part of the vast internet of things networks (IoT), controlling everything from your kettle to a traffic grid, the need for effective cybersecurity measures couldn’t be more important.

The only problem is that, in many cases, the ones trying to protect the software that goes into our phones and computers (and just about everything else) are facing an uphill battle.

If it isn’t the government that has a drop on you with an unexpected vulnerability, it could be the legions of hackers for hire who are now running businesses, selling code for cash on the dark web.

Towards the end of last year, estimates put the number of new malware samples being generated in a single quarter at around 18m.

This would mean that as many as 200,000 per day are being generated, all of which are aimed at breaking into systems that – at least on the outside – appear secure.

All of this would then suggest that trying to stop it would be akin to the child putting his finger in the dyke.

Elementary, my dear Watson!

Not so, according to IBM Security’s chief product officer, Denis Kennelly, who sees the immense challenges being stemmed by its not-so secret weapon: artificial intelligence (AI).

Behind the scenes, churning and learning through vast amounts of code, is Watson, the AI platform used not only to develop the brains for future autonomous vehicles, but also to influence decision-making, from healthcare to smart cities.

Last month, the company revealed the full extent of Watson’s growing influence in locating, tracking and alerting the humans on hand to pick through and make sense of the latest threats.

“Security is a game of wits,” Kennelly said in conversation with

“It’s a game of really intelligent people perpetrating the attack, and also very intelligent people defending against the attack.”

Humans not being replaced

Kennelly points to AI’s ability to sift through the complicated array of white papers and unstructured information on threats, and get them to security operators who need them instantly.

Other services now being offered by IBM Security such as Safe Hayvn – a chatbot within its global X-Force Command Center network – will allow security analysts to talk with Watson about details of new and existing threats.

However, this doesn’t mean that the humans who work within cybersecurity will be left with a career as obsolete as that of a knocker-upper in Victorian Britain.

In fact, the opposite is the case, whereby many companies working within the cybersecurity field are expected to really struggle to fill the roles they need in the coming years.

AI vs AI

By 2020, Kennelly said there will potentially be as many as 1m open positions in cybersecurity, due to both the complexity of the role and the sophistication of the attackers.

Comparing these roles with healthcare, where Watson is already establishing itself, AI will provide the heavy lifting for cybersecurity analysts to help them save hundreds of hours per week in research.

But could AI be used by hackers in an almost identical way against IBM Security and other firms, to bring two conflicting AI machines against one other in cyber warfare?

Not right now, Kennelly said, but it is certainly not outside the realms of possibility.

“The trend is there and unfortunately, the possibility is there because at the end of the day, this is computer science.”

Colm Gorey was a senior journalist with Silicon Republic