Security Gets Smart(er) with AI: A SANS Survey

Post on 13-Sep-2020


©2019 SANS™ Institute | www.sans.org

Security Gets Smart(er) with AI: A SANS Survey


Today’s Speakers

• Ray Davidson PhD, SANS Analyst and SANS Instructor

• Barbara Filkins, Senior SANS Analyst

• Bret Lenmark, Senior Product Marketing Manager, BlackBerry Cylance


Today’s Agenda

• Goals & Objectives

• Demographics & Definitions

• Capabilities & Criteria

• Risks & Recommendations

Why Are We Here?

Goal/Objective: Determine perceptions and intentions of InfoSec practitioners, with the goal of facilitating communication and increasing security

To AI or Not to AI?

AI Functionality

• Learning: Altering behavior based on past experiences, e.g., when encountering new and unseen situations

• Memory: Encoding, storage and retrieval of experiences

• Reasoning/Abstraction: Drawing logical conclusions and generalizing based on sample data

• Problem-Solving: The capability to systematically come up with possible solutions and derive the best answer to a problem

• Divergent Thinking: The capability to generate multiple solutions to a given problem

AI Example: Threat Detection

Demographics

• Weighted toward SMBs (<5000 workforce)

• Top industries

– Tech & Cybersecurity

– Banking/Finance

– Education/Government

• 3:1 Staff-to-Management Ratio

Specific AI Technologies

Planning AI Applications

AI Enables Cybersecurity

AI Maturity—Opinions Vary

Primary Risks

• Loss of privacy due to large quantity of data used

• Over-reliance on a single, master algorithm

• Not understanding the limitations of the algorithms used

• Inadequate protection of data/metadata used by AI platform

• Improperly or inadequately trained solutions

• Lack of visibility into decisions reached through AI

• Selection of the wrong algorithms for the problem being solved

Recommendations

• Implementers:

– Know your use cases, and plan for specific applications, preferably with quantifiable outcomes.

• Providers:

– Expect skepticism → “Artificial Intelligence” has been a hot new thing for 60 years.

– Get specific about technology and results, and what’s different now.

Cylance AI

Bret Lenmark

Senior Product Marketing Manager

March 26, 2019

We make software that predicts, then blocks, cyber attacks on the endpoint in real time using pre-execution artificial intelligence algorithms.

[Diagram: Traditional AV. Labels: new malware (last 24 hours); collect, triage and classify; human malware researchers and automation; signature file; test signature file; deploy signature; security admin updates; cloud threat DB; timeline t0 to t7; all known malware + zero-day malware.]

[Diagram: The Cylance Solution, Cylance next-generation AI / AV. Labels: all known malware; machine learning; AI math model; security admin updates; deploy to endpoints; ~9 months; timeline t-1, t0; zero-day malware.]

[Diagram: Cylance next-generation AI / AV. Labels: bad files; good files; every few months; machine learning; AI math model; deploy to endpoints.]

CylancePROTECT leverages the power of machines, not humans, to dissect malware’s DNA. Artificial intelligence then determines if the code is safe to run.

[Slide with two column headings: WHAT WE DO NOT, WHAT WE DO]

Q&A

Please use GoToWebinar’s Questions tool to submit questions to our panel.

Send to “Organizers” and tell us if it’s for a specific panelist.

Acknowledgments

Thanks to our sponsor:

To our special guest: Bret Lenmark

And to our attendees, thank you for joining us today!