Understanding Cognitive Security in Cybersecurity
For almost a century, we’ve programmed computers to help solve complex problems. We can now simulate weather, sequence genomes and instantly share data across the world. But ask a computer to do something humans do every day—recognize an image, read a book or explain the meaning of a poem—and it’s a different story. Traditional systems fall short at such tasks.
The same is true for security. For decades, we’ve programmed computers to recognize viruses, malware and exploits. We continuously tune them to become more accurate, but it’s not enough. Adversaries constantly morph their attacks and find creative ways to breach defences. What organizations need is the ability to detect the slightest change in activity and analyze it with as much context as possible to distinguish and eliminate new threats.
Fast fact: The average organization experiences 200,000 security events per day, with security analysts attempting to harness insights from 60,000+ security blog posts published every month and wasting countless hours chasing false positives.
Cognitive systems are self-learning systems that use data mining, machine learning, natural language processing and human-computer interaction to mimic the way the human brain works.
By helping to make security analysts more effective and accelerating the response to emerging threats, cognitive security will help to address the current security skills gap, bringing heightened levels of confidence and risk control.
One of IBM's cognitive security solutions is Watson for Cyber Security.
Cognitive security is the implementation of two broad and related capabilities:
- The use of cognitive systems to analyze security trends and distil enormous volumes of structured and unstructured data into information, and then into actionable knowledge to enable continuous security and business improvement.
- The use of automated, data-driven security technologies, techniques and processes that support cognitive systems in having the highest level of context and accuracy.
From compliant to cognitive
Since the age of the first networks and the hackers who soon followed, we’ve evolved security technology to stop attacks. To date, there have been two distinct eras of cybersecurity: perimeter controls and security intelligence. These serve as building blocks as we enter the third era—cognitive security.
Perimeter controls: security that confines (pre-2005)
The goal was to lock down and restrict access to sensitive information via passwords and a range of access control strategies. Success meant passing an audit. While perimeter defences are still in use, they are not sufficient by themselves for today’s environment.
Security intelligence: security that helps you think (2005+)
Security intelligence uses analytics to detect deviations from regular patterns, uncover changes in network traffic and find activities that exceed defined levels. Security intelligence can not only help detect compromises faster but also reduce false positives to save time and resources.
Cognitive security: security that understands, reasons and learns at scale (2015+)
Built upon security intelligence, which leverages big data analytics, cognitive security is characterized by technology that is able to understand, reason and learn. A much greater scale of relevant security data is now accessible with cognitive systems that can process and interpret the 80% of today’s data that’s unstructured, such as written and spoken language.