This website uses cookies. By continuing to browse this website, you accept our use of cookies and our Cookie Policy. Close

Learn, connect, and collaborate at the Cyber Voices Zero Trust Summit. October 27th.

Monday, Apr 27, 2020

Use of AI for Cyber Security in the Intelligence Community – Notes from the INSA Spring Symposium

Photo by Markus Spiske from Pexels

Share

I was pleased to have recently been invited to, and participated in, the Intelligence and National Security Alliance (INSA) Spring Symposium 2020 in March.  Experts from the government and private sectors had the opportunity to discuss the headline topic of the conference: ”Building an AI-powered Intelligence Community.”

In this blog post, I capture my talking points that I brought to the panel “Use of AI for Cybersecurity” – a subject close to my heart.

Here is the list of topics I injected into the panel conversation:

  • Algorithms (AI) are Dangerous
  • Privacy by Design
  • Expert Knowledge over algorithms
  • The need for a Security Paradigm Shift
  • Efficacy in AI is non-existent
  • The need for learning how to work across disciplines

Joining me on the panel were representatives from the Department of Homeland Security, Microsoft and Auburn University.

Intelligence and National Security Alliance (INSA)  2020 Spring Symposium

 

Allow me to elaborate on my discussion points:

  • Algorithms (AI) are Dangerous – We allow software engineers to use algorithms (libraries) for which they do not know what results are produced. There is no oversight demand – imagine the “wrong” algorithms being used to control any industrial control systems. Also realize that it’s not about using the next innovation in algorithms. When Deep Learning entered the arena, everyone tried to use it for their problems. Guess what; barely any problem could be solved by it. It’s not about the next algorithms. It’s about how these algorithms are used and the process around them. Interestingly enough, one of the most pressing and oldest problems that every CISO today is still wrestling with is ‘visibility’. Visibility into what devices and users are on a network. That has nothing to do with AI. It’s a simple engineering problem and we (the cybersecurity industry) still haven’t solved it.
     
  • Privacy by Design – There wasn’t a great deal of discussion around Privacy By Design during the conference. In a perfect world, our personal data would never leave us. As soon as we give information away it’s exposed and it can / and probably will be abused. How do we build such systems?  Many discussions still to be had it seems.
     
  • Expert Knowledge – Is still more important than algorithms. We have this illusion that AI (really, it’s generally either statistics or supervised machine learning), will solve our problems by analyzing data, instead of using “AI” to augment human capabilities. In addition, we need experts who really understand the problems. Domain experts. Security experts. People with experience to help us build better systems.
     
  • Security Paradigm Shift – We have been doing security the wrong way; for two decades we have engaged in the security cat and mouse game between attackers and defenders. We need to break out of that. Only an approach that understands behaviors can get us there.
     
  • Efficacy – There are no approaches to describing how well an AI system works. Is my system better than someone else’s? How do we measure these things?  Again, much discussion still to be had.
     
  • Interdisciplinary Collaboration – As highlighted in my ‘Expert Knowledge’ point above; we need to focus on people. And especially on domain experts. We need multi-disciplinary teams. Psychologists, counterintelligence people, security analysts, systems engineers, etc. to collaborate in order to help us come up with solutions to combat security issues. There are dozens of challenges with these teams. Even just something as simple as terminology or a common understanding of the goals pursued. And this is not security specific. Every area has this problem.

I very much appreciated the opportunity to surface these issues to fellow panel members and the audience.  Clearly there is much still to discuss, and you can count on us to continue leading those discussions.

The video recording of the panel can be found here: https://video.tvworldwide.com/CYBERSEC/200304_INSA_1515_Panel4.mp4

Interested in finding out more?

  • The full program recap can be found on INSAonline.org
  • Social media chatter from the Spring Symposium can be found under hashtag AIpoweredIC.
  • You can keep up-to-date with news from INSA via their website and their Twitter handle.

Until next time, keep safe.

About the Author

Raffael Marty

Raffael Marty brings more than 20 years of cybersecurity industry experience across engineering, analytics, research and strategy to Forcepoint. Prior to joining the company, Marty ran security analytics for Sophos, a leading endpoint and network security company, launched pixlcloud, a visual...