IBM Watson has a new job: Cognitive cybersecurity expert

15 Feb 2017

The industry’s first augmented intelligence tech will be used to power cognitive security operations centres (SOCs).

Watson has spent the past year training in cybersecurity language from more than one million security documents. It can now help security analysts parse through natural language research reports previously inaccessible to security tools.

Watson for Cyber Security will be integrated into IBM’s Cognitive SOC platform, fusing cognitive technology with security operations.

IBM research shows that security teams waste more than 20,000 hours per year chasing false positives. Security operations centres will keep up with the anticipated doubling of security incidents over the next five years.

IBM QRadar Advisor with Watson is the first technology to use Watson’s insights, now inside IBM’s global network of X-Force Command Centres.

QRadar is also being used by Avnet and other global customers.

"Watson makes concealment efforts more difficult by quickly analysing multiple streams of data and comparing them with the latest security attack intelligence to provide a more complete picture of the threat. Watson also generates reports on these threats in a matter of minutes, which greatly speeds the time between detecting a potential event and my security team's ability to respond accordingly," says Sean Valcamp, Avnet CISO.

IBM is putting Watson to use not just in cybersecurity, but in other areas of the business.

Watson has been powering an IBM chatbot which is being used to interact with IBM Managed Security Services customers.

On top of that, IBM’s new research project ‘Hayvn’ is a voice-powered security assistant that uses Watson conversation technology to respond to verbal commands and natural language from security analysts, such as updating analysts on new threats and recommended remediation. It is still in the testing phase.

Looking at the SOCs themselves, IBM says cognitive technologies will be a crucial part of keeping up with threats. Within the next 2-3 years, cognitive tool usage is expected to triple from its current 7% rate.

Denis Kennelly, IBM Security’s vice president of development and technology, says the cognitive SOC is now a reality in the fight against cyber threats.

"Our investments in Watson for Cyber Security have given birth to several innovations in just under a year. Combining the unique abilities of man and machine intelligence will be critical to the next stage in the fight against advanced cybercrime," Kennelly says.

IBM Security is also looking to take Cognitive SOC to endpoints, by launching IBM BigFix Direct, a new endpoint detection and response solution. The company says EDR will be accessible and actionable so that analysts can understand and act on threats across endpoints through a single platform.

The IBM Cognitive SOC will also use technologies such as i2 for cyber threat hunting and IBM X-Force Exchange, the company says. 
