Computing giant IBM has deployed its supercomputer Watson for cyber security following a year-long research project.
Watson is an artificially intelligent computer system capable of answering questions posed in natural language. The supercomputer shot to fame after it beat expert "Jeopardy" quiz show contestants in 2011, and is named after legendary IBM president Thomas Watson.
The supercomputer has traditionally been used in different industries, including healthcare, banking, contact centres and education.
Yesterday, IBM Security announced Watson for Cyber Security, a new cloud-based version of the company's cognitive technology trained on the language of security. To further scale the system, IBM plans to collaborate with eight universities to expand the collection of security data IBM has trained the cognitive system with.
The announcement comes at a time cyber security threats are on the rise. According to the 2016 Verizon Data Breach Investigations Report, 2015 was a year in which many of the same security threats arose as did in years past. There were also signs of rising trends in threats to security, such as ransomware and nation state attacks.
Cognitive security
IBM says training Watson for Cyber Security is a critical step in the advancement of cognitive security. The computing company notes Watson is learning the nuances of security research findings and discovering patterns and evidence of hidden cyber attacks and threats that could otherwise be missed.
It adds the announcement is part of a pioneering cognitive security project to address the looming cyber security skills gap. IBM efforts are designed to improve security analysts' capabilities using cognitive systems that automate the connections between data, emerging threats and remediation strategies.
The computing company intends to begin beta production deployments that take advantage of IBM Watson for Cyber Security later this year.
IBM's X-Force research library will be a central part of the materials fed to Watson for Cyber Security. This body of knowledge includes 20 years of security research, details on eight million spam and phishing attacks, and over 100 000 documented vulnerabilities.
The volume of security data presented to analysts is staggering, says IBM. The average organisation sees over 200 000 pieces of security event data per day, with enterprises spending $1.3 million a year dealing with false positives alone, wasting nearly 21 000 hours, it adds.
Couple this with 75 000-plus known software vulnerabilities reported in the National Vulnerability Database, 10 000 security research papers published each year and over 60 000 security blogs published each month, security analysts are severely challenged to move with informed speed, it points out.
Designed on the IBM Cloud, IBM says Watson for Cyber Security will be the first technology to offer cognition of security data at scale using Watson's ability to reason and learn from "unstructured data".
Skills crisis
IBM will also incorporate other Watson capabilities, including the system's data mining techniques for outlier detection, graphical presentation tools and techniques for finding connections between related data points in different documents.
"Even if the industry was able to fill the estimated 1.5 million open cyber security jobs by 2020, we'd still have a skills crisis in security," says Marc van Zadelhoff, GM of IBM Security.
"The volume and velocity of data in security is one of our greatest challenges in dealing with cyber crime. By leveraging Watson's ability to bring context to staggering amounts of unstructured data, impossible for people alone to process, we will bring new insights, recommendations and knowledge to security professionals, bringing greater speed and precision to the most advanced cyber security analysts, and providing novice analysts with on-the-job training."
Share