Beyond buzzwords - what cognitive science means to cybersecurity
Artificial Intelligence, Neural Networks, Cognitive Computing, and Machine Learning are all buzzwords applied to cybersecurity. But what do they actually mean? Are marketing departments simply re-using cognitive science terms to create attention-grabbing phrases for cybersecurity, or is there actually something deeper happening?
Terms from cognitive science are not arbitrary labels applied to cybersecurity. Historically, the relationship between computing and cognition emerged as early as the 1950s during the cognitive revolution when behavioral-based psychological science embraced the mind and its processes. Today, cognitive science is an expanding interdisciplinary domain that overlaps with nearly every aspect of cybersecurity.
To understand the overlap, take a few moments to think about thinking. What does it take to think, or to learn? Does it simply depend on a biological process that each person experiences in isolation? Is it dependent on language, relationships, experiences, or personality?
What we find when considering the complex biological and environmental influences on cognition, is that the field of cognitive science must merge and balance insights from multiple disciplines. Similarly, effective cybersecurity requires multiple sources and types of information to build an understanding of technology systems and vulnerabilities. When challenged with a task of protecting and understanding a large and increasingly distributed system, a single indicator from a single discipline is not adequate.
Let’s explore some basic definitions of cognitive science disciplines, and how they impact both cognitive science and cybersecurity.
Psychology addresses internal and external human experiences both as individuals and in groups. For cybersecurity, principles of psychology allow us to understand why people are susceptible to threats such as phishing and social engineering, and how systems are impacted by human error.
Application to Cybersecurity: Cybersecurity’s emerging focus on behavioral analytics and biometrics also depend on psychology, which is heavily rooted in measuring and making sense of human behavior. Understanding human psychology is critical for forensic investigations, for constructing insider threat profiles, and to establish when to generate alerts to help with user education.
Philosophy is a critical exploration of reality and knowledge that can guide human belief systems about existence, learning, social systems, and ethics. How we perceive the world—and what we believe about the world—profoundly impacts our thought processes, our ability to learn, and our behaviors.
Application to Cybersecurity: Understanding threats, use of data and surveillance, and even the existence and locations of adversaries, are all philosophical problems in the field of cybersecurity.
Linguistics is the scientific exploration of language. Cognitive linguistics (circa 1970) is directly linked to cognitive science, and addresses topics associated with how language shapes thought and understanding.
Application to Cybersecurity: Cybersecurity often depends on language, and understanding behavioral context through language. For example, classification of documents and understanding where private data exists on a network can be supported through text mining and text analytics. In addition, the text generated by users can identify risk factors or regulatory violations.
Anthropology is the exploration of humanity, typically through a cultural or evolutionary lens. Its relevance to cognitive science is in how humans build shared knowledge, engage in interpreting their environments, and how knowledge shapes the way humans relate to, and act within, the world.
Application to Cybersecurity: Cybersecurity, and online social interactions, represent the cutting edge of anthropological work. As recent news cycles suggest, our opinions, behaviors, and understanding of global events are heavily shaped by our interactions with technology. Cybersecurity professionals, particularly in social media domains, can better understand the behavior of trolls and bots through cultural and cognitive anthropology.
Artificial Intelligence is machine and/or computer simulation of human intelligence. Its goal is to create increasingly autonomous learning and reasoning through a range of strategies including speech recognition, natural language processing (see linguistics), and machine vision. Applications of AI may be specific (e.g., built to support a well-defined or specific need) or broad (e.g., built to cope with less familiar, unstructured situations or topics with little human intervention).
Application to Cybersecurity: Cybersecurity professionals and strategists are continuously grappling with how, when, and whether it’s safe to use AI. For a deeper look at this subject, you can download the presentation slides from our VP of Research and Intelligence, Raffael Marty's, talk on AI and Machine Learning at Black Hat 2018.
Neuroscience, more specifically cognitive neuroscience, examines the biology of thinking and cognition. It provides a deep understanding of neurons, neural circuits, and the parts of the brain that allow us to perform mental processes.
Application to Cybersecurity: In cybersecurity, neuroscience has profoundly impacted information processing, network design, computational modeling, and sensor development—and continues to inspire innovations in building tools to improve knowledge representation and reasoning in technology.
We hope this post revealed the connections between cognitive science and cybersecurity, and provided insight into our multidisciplinary efforts to provide the best human-centric cybersecurity solutions. When reading through, we also hope you recognized how many of these factors impact your daily life. Hey Siri, what comes next for cybersecurity?