Machine learning and AI could be the key to protecting enterprise IT from advancing cybersecurity threats, Cylance CEO Stuart McClure said on Tuesday. According to McClure, who spoke at the 2016 Structure Security conference, he believes these technologies will “save the entire security industry.”
McClure’s company, which bills itself as “advanced threat protection for the endpoint,” uses machine learning to analyze massive amounts of data in an organization and classifies that data automatically. They separate it simply as “good” or “bad” activity, or “good” or “bad” files. This allows users to make faster decisions and act on that good or bad data more clearly.
Cylance, in offering breach protection, is often confused with legacy anti-virus software, McClure said. But, the death of that legacy industry is what prompted his company to explore a new approach to protecting against threats.
SEE: Information security policy template (Tech Pro Research)
People used to ask McClure what he used on his computer to protect himself, and he would say “nothing.” This was because he felt that traditional anti-virus software was broken, and couldn’t keep up. He believed that humans were the bottleneck, and he began to ask himself: “Why can’t we program a computer to do this?”
When high frequency stock trading came along, big data and AI had to become algorithmic to keep up with the sheer number of processes involved. Humans couldn’t keep up with what was going on, even dealing with the massive number of clicks that would need to happen to complete a transaction.
Security is much the same in that, McClure said, humans cannot keep up with the current threat landscape, but machines can. And, Cylance was built on this premise.
The US Office of Personnel Management (OPM) eventually brought Cylance in to help them work on the early days of what would eventually be determined to be a massive breach. McClure said that the firm got their product onto all 12,000 of the OPM machines, and ended up finding 2000 pieces of malware in four days. That included the APT attack that was a part of the breach.
Currently, McClure said, there are three core tenets of cybersecurity: Execution, bypassing or stealing a password, and denial of service. Machine learning has the potential to solve all three of these problems, he said, but we need more tech startups to come up with these solutions to improve security in the future.
The 3 big takeaways for TechRepublic readers
- Cylance CEO Stuart McClure said that AI and machine learning with save the security industry, because humans can no longer keep up with current threats.
- Cylance was brought in by the US OPM to use machine learning to help sift through data and determine if a breach had occurred.
- McClure said that machine learning could help fight against executing, password stealing, and denial of service, but we need more innovation and new companies to build these products.