Cybersecurity Warriors Ranks

IBM this week announced Watson for Cyber Security, a powerful new ally for organizations that want to protect their data from Net marauders.

The new offering bolsters the ability of information security pros to analyze the flood of information from the roughly 200,000 events that pour into their Security Operations Centers, or SOCs, every day.

About 20 percent of that flood is comprised of structured data that can be analyzed with database tools, but as much as 80 percent of it is unstructured data such as security blogs, white papers, Twitter feeds and forum threads. It’s data that contains valuable nuggets, but finding them is difficult.

“What Watson does is take all that information — structured, unstructured, as well as other information from the operations center — and put it in a cognitive system,” explained Denis Kennelly, vice president of development and technology at IBM Security.

“There it can be used to help the SOC operator to triage the security events,” he told TechNewsWorld.

While Watson can speed the analysis of data, its threat detection potential is limited, maintained Scott Miserendino, chief data scientist at BluVector.

“It’s primarily an enrichment service,” he told TechNewsWorld.

Betting on Cognitive Tools”Today’s sophisticated cybersecurity threats attack on multiple fronts to conceal their activities, and our security analysts face the difficult task of pinpointing these attacks amongst a massive sea of security-related data,” noted Sean Valcamp, chief information security officer at Avnet, an early tester of the Watson for Cyber Security system.

“Watson makes concealment efforts more difficult by quickly analyzing multiple streams of data and comparing it with the latest security attack intelligence to provide a more complete picture of the threat,” he said.

“Watson also generates reports on these threats in a matter of minutes, which greatly speeds the time between detecting a potential event and my security team’s ability to respond accordingly,” Valcamp added.

Only 7 percent of security pros currently use cognitive tools in their workflow, but that is changing, according to IBM, which expects usage to triple in the next two to three years.

That’s because as more and more devices come online, they create a burden on security teams they won’t be able to handle without the help an AI like Watson.

“The attack surface for the attacker is mushrooming,” Kennelly said. “Tools like Watson can help defend against those expanding attack patterns.”

 

Voice-Powered Security Assistant

IBM also announced the Havyn Project, which is developing a new voice-powered security assistant to work with Watson’s data.