What are your top challenges implementing AI/ML?

Top Answer : Using the basic statistical modeling and unsupervised learning doesn't help because cyber security doesn't have a label data concept.  You go to Netflix or Amazon.  They look at users behavior and they’re able to tune the algorithms, and increase accuracy. But in cyber security, there's no label data. The traditional approaches of figuring out signal versus noise did not work, so now we are looking at newer ways of doing things, where you're teaching the machines to think like a self driving car.  Meaning, not just through the unsupervised learning, but looking at how a really skilled human would go figure things out.  So that's where this is headed right now.

8 views
4 comments
1 upvotes
Related Tags
Pink Terminal
Software
Using the basic statistical modeling and unsupervised learning doesn't help because cyber security doesn't have a label data concept.  You go to Netflix or Amazon.  They look at users behavior and they’re able to tune the algorithms, and increase accuracy. But in cyber security, there's no label data. The traditional approaches of figuring out signal versus noise did not work, so now we are looking at newer ways of doing things, where you're teaching the machines to think like a self driving car.  Meaning, not just through the unsupervised learning, but looking at how a really skilled human would go figure things out.  So that's where this is headed right now.
0 upvotes
Green Cloud
Oil, Gas and Mining
How does one as a security practitioner or an engineering leader go about identifying capability and quality? There's a lot of new things getting released and dropped, but it's not just about evaluation of capabilities. How, as a security or engineering practitioner, do you go about doing your assessment to see where you add value? You could be in a really mature landscape where maybe some of those AI or ML type rules that certain products offer don't provide you as much value upon an assessment or a POC. Does that mean that the product really doesn't add value? Not necessarily.  So as we have this kind of dynamic, does that mean that AI and ML tools will always benefit a less mature landscape better? Possibly.
0 upvotes
Orange Cloud
Software
I'm an infrastructure guy. I do some security, but mostly infrastructure. It was around 3-5 years ago where AI help desks and bots started coming along and maturing. At my last company, we kind of dabbled in it and pushed ahead with a company that helped us. They claimed that they had closed 40% of our tickets.  It didn't turn out that way.  Maybe it was the way that we actually designed it and the way we're inputting and outputting our tickets. We were in the middle of crazy growth too. So we didn't have time to concentrate on a lot of tools at the time, but what it did do for us, once we got our KBS and everything in there, people started using it and just asking basic questions, like where do I find my benefits? How do I get to this thing? How do I use zoom?
0 upvotes
Black Charger
Software
We've got the same issues that some companies face, like visa does, where you're talking about millions or billions of transactions a day coming through the systems and you need to be able to quickly parse through there and figure out what's going on. So for us to make our products work and for the customers to get what they need out of it, the system has to be able to quickly discern what's normal and what's not. And come back and say, “Hey, this is something to look at.” And that's a constantly evolving process for us, making sure that that works in a way that not only is efficient, but it comes back with an answer that's not two days later. With attacks, it's fast. You need to know now. You need to be able to say, “something's happening,” two seconds ago, or “it’s happening right now,” instead of “hey, I crunched this overnight,and I think you may want to check on what happened yesterday.” And I think one of the big issues that we see there and why you see our big platforms are on the cloud is that it requires a lot of computing power. And, that's one of the big reasons that you see our product is now SAS-based. Because trying to do it on premise for customers means you can't get the horsepower that was required to get that data crunched fast enough to give people access to what they want without having huge gobs of machines. And the only way to do that today is to use the cloud.
0 upvotes