More Data Does Not Equate to Better Security

More Data Does Not Equate to Better Security

The reason you often hear people say, "quality over quantity" is because, generally, it’s true. An organization could own every security tool known to mankind, each kicking out truck loads of data, but this does not necessarily mean that these organizations are well protected against security threats and attacks.

Read More »

Deviation From Normal Does Not Always Mean Malicious Intent

Deviation From Normal Does Not Always Mean Malicious Intent

An approach to solving cybersecurity problems is to use machine learning to baseline normal behaviors so that deviations from normal can be identified.  This, at first glance makes perfect sense.  However, there are flaws that must be considered and avoided. 

Threat Intelligence: Non-Malicious Deviations

One of the flaws is that deviations from normal may not be malicious in nature. They may reflect new behaviors that are non-malicious in nature. For example, new software, new policies, new scope of work, or any other of a myriad of changes may cause a deviation from normal. 

Read More »

Can We Possibly Write Cyber Security Intelligence Software that Thinks?

Can We Possibly Write Cyber Security Intelligence Software that Thinks?

Artificial Intelligence in Cyber Security 

This has been the endeavor of many before me, and probably many after me. My hope is that someone, or some group, cracks the barrier to true  cyber security intelligence in my lifetime. It will be a cool thing to witness.

In the meantime, we will continue to write less than true Artificial Intelligence code in order to approach the goal. The phrase "fake it 'til you make it" comes to mind. We can mimic the cognitive processes until we actually author cognition.

Read More »

Artificial Intelligence Saccades in Cybersecurity

Artificial Intelligence Saccades in Cybersecurity

The human perceptual systems are pretty darned amazing. Without our conscious control the brain acts to gather the information needed to construct and mold our perception of reality.

Consider our vision. When something first catches our eyes our brains begin to try and figure out what it is we are seeing. Unconsciously our brain starts jerking our eyes about to gather the information needed to correctly classify that something. This is known as "saccadic eye movement" or "eye saccades".

When we first see a face, our motor cortex takes control over our eyes in order to collect up corroboratory information. Basically, our brain says, "If this is a face, I should see a nose here, an eye here, another eye over here, and a mouth here." Each time the eyes jerk from one location to another, they are collecting information that can confirm or nullify that you are looking at a face.

Read More »

Artificial Intelligence for InfoSec in Cybersecurity is Here (...To Stay)

Artificial Intelligence for InfoSec in Cybersecurity is Here (...To Stay)

Artificial Intelligence for InfoSec (AI) has wavered up and down in reputation over the decades. Sometimes it is seen as being on the brink of great breakthroughs. At other times it is seen as an impossibility. My opinion is; it’s already here. Mostly due to my definition of AI.

Defining Artificial Intelligence for InfoSec

Alan Turing’s definition was written in his paper “Computing Machinery and Intelligence.” He proposed a test that defined AI by judging whether or not the behavior of the machine was indistinguishable from that of a human.

Read More »

Subscribe to Email Updates

Subscribe via RSS to the blog

Recent Posts