Elementary, my dear Watson! IBM now using AI platform to solve cybercrimes

21 Feb 2017

IBM X-Force Command Center using Watson. Image: John Mottern/Feature Photo Service for IBM

IBM’s Watson AI and IoT-fuelled supercomputer finally has the role it was born for, as it is now being recruited to tackle cybercrime.

Since it was first presented to the world as a contestant on the gameshow Jeopardy!, IBM Watson has evolved 10-fold.

From its new internet of things (IoT) headquarters in Munich, it is being used not only to develop the brains for future autonomous vehicles, but also to influence decision-making, from healthcare to smart cities.

Now, similar to the Dr Watson character in the legendary Sherlock Holmes books, IBM Watson is to be recruited to solve crimes – specifically, cybercrimes.

Over the past year, Watson has been trained in the language of cybersecurity, ingesting more than 1m security documents. It can now help security analysts to parse thousands of natural language research reports.

IBM’s research suggests that a helping hand from AI is much needed within the infosec community, as security teams sift through more than 200,000 security events per day on average, leading to more than 20,000 hours per year wasted chasing false positives.

Safe Havyn

IBM plans to give to customers a new Watson chatbot within its global X-Force Command Center network.

The company also revealed a new research project, code-named Havyn, that uses a voice-powered security assistant through Watson to respond to verbal commands and natural language from security analysts.

“Today’s sophisticated cybersecurity threats attack on multiple fronts to conceal their activities, and our security analysts face the difficult task of pinpointing these attacks amongst a massive sea of security-related data,” said Sean Valcamp, chief information security officer at Avnet.

“Watson makes concealment efforts more difficult by quickly analysing multiple streams of data and comparing it with the latest security attack intelligence to provide a more complete picture of the threat.

“Watson also generates reports on these threats in a matter of minutes, which greatly speeds [up] the time between detecting a potential event and my security team’s ability to respond accordingly.”

Colm Gorey was a senior journalist with Silicon Republic