LIVE FROM MOBILE 360 SECURITY FOR 5G, THE HAGUE: Experts lined up to explain why AI is a critical factor in protecting future networks and devices from cyberattacks, but the technology itself was also highlighted as offering a potential vulnerability.

David Atkinson, founder and CEO of Senseon (pictured), argued AI is “fundamental to 5G security”, explaining his past as an analyst in the military highlighted that “people were the bottleneck” in terms of investigating threat alerts.

“It often felt that no matter how late we stayed and how much coffee we would drink, we would never get through the sheer amount of investigations that we had to”, he said, adding subsequent studies showed only 4 per cent of alerts were actually being investigated at that time.

“It was really during this experience that I thought that the system of cyber-defence was unscalable back then, and certainly into the future.”

Atkinson pointed out the rate at which technology is produced, adopted and used today is staggering. Security problems will be magnified by 5G and human intervention alone will not be enough to keep pace.

“The complexity, the connectivity, the number of devices combined with the velocity of attacks that we’re seeing today makes me extremely nervous when the number of devices are set to treble over the next five years,” he said.

AI approach
Martin Borrett, CTO and distinguished engineer with IBM Security Europe, offered a similar assessment of the strain being place on human security operations centre analysts today.

“There is a tremendous overload in terms of information and alerts. If you work in a security operations centre, you get these alerts on a daily basis, hourly basis, every few minutes, you get massive amounts of information, some of which is a threat and serious that needs to be attended to and some of which is completely benign, it can be safely ignored.”

“And the realities in those security operations centres, the people, the real people working hard on the tools, are struggling to keep up. It’s an intense environment and we’re facing some skills challenges,” he continued.

Borrett noted AI has rapidly developed to the point where it is a viable assistant to human analysis. Whereas around 20 years ago its AI was being used to play chess grand master Garry Kasparov, by 2018 “we’ve used the same technology to actually debate with human debating champions”.

But Mariana Pereira, director of AI cyber defence company Darktrace, noted something of a Catch-22 regarding the use of AI.

A growing number of IoT sensors being deployed by businesses are opening up fields of attack companies had not previously considered or accounted for, something AI can help to address. However, Pereira noted the technology itself is beginning to be used in some attacks. In one case, Darktrace identified malware “where the attacker was using a hearing, an understanding methodology to try and understand what the network was like”.

“We’re starting to see the beginnings of an AI-powered attack really come to life, and there will be no putting that genie back in the bottle once it comes around.”