Artificial intelligence and machine learning have been potent tools in the fight against cybercrime in recent years. Hackers, not surprisingly, have noticed. Sophos CTO Joe Levy expects them to take action next year, both by assaulting the machine learning engines that good guys rely on and by building engines of their own.
“As the cat-and-mouse game between attackers and defenders continues, we can expect both offensive and defensive machine learning tools of increasing sophistication and effectiveness to develop rapidly,” Levy says. “Over the next year, we expect to see more incidents where cybercriminals attempt to trick machine learning detection and classification models, and even leverage machine learning to generate highly convincing fake content for social engineering attacks.”
Webroot CTO Hal Lonas finds that last possibility especially chilling. “Perhaps the scariest scenario is the use of AI to become a component of the production of deepfakes, where it could be used to automatically edit out artifacts and ‘glitches’ that can be used today to differentiate between real and fake,” he says. “Eventually, we will see a world where we will not be certain that the entity on the other end of any conversation—phone call, email, text, tweet, article, or feed—is human or not.”
The only answer, Levy argues, is to rely on a combination of artificial and flesh-and-blood intelligence rather than AI alone. “By combining human threat hunters with the leading threat intelligence and technologies like deep learning, organizations can detect and contain even the most sophisticated attacks faster, minimizing their impacts and costs,” he says.
More Galleries like This
An updated security awareness training solution from Webroot, an enhanced SD-WAN solution from Citrix, and a forthcoming mobile DNS filtering product from WatchGuard are our final trio of product-related stories from last week’s giant security confab.
Leaders at Tech Data offer advice—and outline steps the distributor has taken—to get partners ready for the future.
What’s now: A strong start for the company’s “Done Deal” program and the rise of specialized MSPs. What’s next: At least three acquisitions, a big RMM update with “disruptive” network management functionality…and quite possibly an IPO.
CharTec, CloudJumper, Connect Booster, EventTracker, Liongard, and newcomer RocketCyber all used the recently concluded conference as a launching pad for news about new solutions and services.