IBM Watson to tackle cyber-crime with cognitive technology
IBM's cognitive security project plans to address cyber-attacks and threats organisations face
IBM Security has unveiled Watson for Cyber Security, a new cloud-based version of IBM's cognitive technology trained on the language of security.
Watson is learning the nuances of security research findings and discovering patterns and evidence of hidden cyber-attacks and threats that could otherwise be missed.
According to IBM's 2015 Cybersecurity Intelligence Index, the average organisation sees over 200,000 pieces of security event data per day, with enterprises spending $1.3m a year dealing with false positives alone, wasting nearly 21,000 hours.
The Watson for Cyber Security project plans to address the cyber-security skills gaps, plus improve security analysts' capabilities using cognitive systems that automate the connections between data, emerging threats and remediation strategies.
"Even if the industry was able to fill the estimated 1.5 million open cyber security jobs by 2020, we'd still have a skills crisis in security," said Marc van Zadelhoff, general manager at IBM Security. "The volume and velocity of data in security is one of our greatest challenges in dealing with cybercrime.
"By leveraging Watson's ability to bring context to staggering amounts of unstructured data, impossible for people alone to process, we will bring new insights, recommendations, and knowledge to security professionals, bringing greater speed and precision to the most advanced cybersecurity analysts, and providing novice analysts with on-the-job training."
Designed on the IBM Cloud, Watson for Cyber Security will offer cognition of security data at scale using Watson's ability to reason and learn from "unstructured data" - 80% of all data on the Internet that traditional security tools cannot process, including blogs, articles, videos, reports, alerts, and other information.
In fact, IBM analysis found that the average organisation leverages only 8% of this unstructured data. Watson for Cyber Security also uses natural language processing to understand the vague and imprecise nature of human language in unstructured data.
IBM will also incorporate other Watson capabilities including the system's data mining techniques for outlier detection, graphical presentation tools and techniques for finding connections between related data points in different documents.
IBM intends to begin beta production deployments that take advantage of IBM Watson for Cyber Security later this year.
As part of a year-long research project, IBM plans to collaborate with eight universities, including California State Polytechnic University, Pomona; Pennsylvania State University; Massachusetts Institute of Technology; New York University; the University of Maryland, Baltimore County (UMBC); the University of New Brunswick; the University of Ottawa and the University of Waterloo.