Artificial Intelligence Changes Everything in the Security Industry

During my years at Dell, we would share what we serendipitously found in the way of a good read. I thought I’d continue that practice, sending your way, if you haven’t already discovered it, Kai-Fu Lee’s book AI Superpowers: China, Silicon Valley, and the New World Order. It’s a fascinating read – particularly his insight that, “AI will be to the 21st Century what electricity was to the last…and Data – the oil that drives the generator.” Just as nineteenth-century entrepreneurs applied the electricity break-through to cooking food, lighting rooms and powering industrial equipment, today’s AI entrepreneurs are doing the same with the deep learning of artificial narrow intelligence (ANI).

Lee’s insights were incisive and inspiring – a clarion call of caution mixed with an articulate voice of hope and encouragement. Having straddled both China and U.S. cultures, his insights into the mind and practices of these largest global markets were eye-opening and even-handed. He explains the fundamentals of Neural Networks and Deep Learning in a way that were easy to grasp and presupposed little in the way of any prior mathematical understanding.

In the Deep Learning of AI, we’ve found that proactive capability we wanted to advance many years ago. We knew if we could determine the pure genomic state of the benign files that make up the Internet, we could detect malicious anomalies and preempt them before they could hurt us. We just needed technology to catch up with the idea.

Just more than 23 years ago we launched the FBI’s InfraGard Program. Although aspiring to be proactively preventative, notwithstanding our best intentions, we lived for the most part in the world of the reactive with its associated “Expense in Depth” complexity and cost. Proactive prevention eluded us. The age of Reactive Detection, that has stymied so many of us for so long, is now being supplanted by the world of AI and its proactively predictive capabilities. Shamelessly the security industry has profited quite nicely from the insecurity of this reactive paradigm. For decades we relied on the best technology we had at the time to deflect the onslaught of what we faced daily in the way of malware and other attacks, the effectiveness of which was predicated on having the latest signatures on hand, which the adversaries could defeat with the slightest modification of their last iteration. That signature-based paradigm required not only much in the way of downstream resources and expense, but at least one “sacrificial lamb” upon which to let each new instance of threat sink its teeth. On a good day the capture and deflection rates rarely rose above 50 percent, requiring that we labor assiduously to manage leaderships’ expectations, finally getting them to understand and accept what became a mantra in the industry: “It’s not if but when.”

However, just as predicted 50 years ago by Thomas Kuhn in his book the Structure of Scientific Revolutions, we’re seeing the dawn of a new day where AI’s machine learning and advance mathematical algorithms now offer validated deflection rates, pre-execution, in the realm of 99 percent. Recent independent lab results revealed that this prowess is being delivered by AI years in advance of the appearance of the most pernicious recent instances of WannaCry and other malware. No matter who you are or your previous exposure to the technology, I hope these last few issues have helped you better understand what our future portends, free of the shroud of fear, uncertainty and doubt often promulgated today around artificial intelligence.

John McClurg served as Sr. Vice President, CISO and Ambassador-At-Large in BlackBerry's/Cylance’s Office of Security & Trust. McClurg previously was CSO at Dell; Vice President of Global Security at Honeywell International, Lucent Technologies/Bell Laboratories; and in the U.S. Intelligence Community, as a twice-decorated member of the Federal Bureau of Investigation.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.