#RSAC: AI – Lightning in a Bottle, or Burning Down the House?

Written by

Speaking at RSA Conference 2019 in San Francisco Steve Grobman, senior vice-president at McAfee, and Dr Celeste Fralick, chief data scientist at McAfee, explored the evolution of AI and its role in both improving information security and enabling more sophisticated cyber-attacks.

Grobman cited the example of fire, stating it can be both a force for destruction and, when properly controlled, used for many important benefits.

In much the same way, innovations that strengthen our defenses – such as AI – can also be weaponized to fuel attacks against us.

“Artificial intelligence is the new foundation for our entire industry,” Grobman said. “It will enable us to better defend our environments,” and solve key issues our industry faces.

However, we must ask, “are we looking at AI objectively? As with other technologies, we can’t only focus on the potential, we must also understand the limitations, and we must understand how AI will be used against us.

“The challenge, is to capture lightning in a bottle. To unlock the power of innovation, without burning down the proverbial house – all in the service of our cause to better defend the digital world.”

Dr Fralick said that “machine learning and other forms of AI make cyber-criminals better, faster and smarter.”

For example, AI technology being manipulated to create ‘deep fake’ videos for social exploitation, “just shows one way that AI and machine learning can combine to create massive chaos.”

Most people “don’t realize how fragile AI and machine learning can be,” Dr Fralick added. “What’s critical now is the impact of adversarial machine learning on malware classification and other cyber-defense models.”

Clearly, we must recognize that using AI as the foundation of defense requires a different approach, said Grobman. “Understanding the cost of false positives is critical, because false positives can have catastrophic results.

“Let’s be realistic about the advanced power of AI-based technology,” Grobham concluded. “It does solve a host of problems for our industry, but it also intensifies our adversaries’ capabilities.

“It’s how we manage the innovation that is the real story.”

What’s hot on Infosecurity Magazine?