CIO opinion
CIO OPINION
“
EVERYONE
MUST UNDERSTAND THAT
SECURITY ISN’T AN IT
PROBLEM, DATA SECURITY
IS A BUSINESS PROBLEM.
Chester Wisniewski, Principal Research Scientist in
the Office of the CTO, Sophos
//////////////////
Expert informs
business leaders
on how to maintain
a positive approach
to cybersecurity
The evolving cyberthreat
landscape is forcing
C-level executives to
improve or adapt their
defence strategies.
Chester Wisniewski,
Principal Research
Scientist in the Office
of the CTO, Sophos,
tells us why a proactive
approach can contribute
to building a positive
security culture and
defend against attacks.
46
INTELLIGENTCIO
H
How can smart technologies
like AI and ML contribute
to monitoring or preventing
cybersecurity attacks?
I think we’re in the really early stages
of seeing the benefits from this and the
initial thing everybody’s done, including
us, is think about how we use it to
enhance the protection we’re providing
at different places in the attack chain.
But I think where the real value is going
to lie in the long term will be focused
on augmenting the humans so that we
become more efficient at what we do.
The challenge for humans is managing
the ridiculous quantities of data we have
coming in – humans simply cannot deal
with it. This is where Machine Learning
and AI come into play.
Humans are really good at taking a quick
look at something and immediately
recognising whether it’s good or bad and
machines are terrible at it. When you look
at how you measure the effectiveness
today of a Machine Learning algorithm
blocking for anti-malware, it’s measured
on what’s called a rock curve. That means
that you’re measuring it because you
have to decide on how aggressive you
want to be because if you move too
far one way, you find all kinds of false
positives and detect all the bad stuff and
if you move too far the other way, you’re
getting very poor detection but you’re
never wrong. The challenge lies in how
www.intelligentcio.com