Step up to cognitive era with Watson for cyber security

New information technologies such as Cloud, IOT and Mobile and social computing are changing the way our society works and the way companies do business. Technological innovation and increased adoption of electronic platform has enhanced communication , automated complex processes and provided a wealth of information that can be processed into useful actions .

Today billions of devices are inter-connected. This opens a door to more potential vulnerabilities and exposes company’s most valuable assets to new security risks.

To achieve optimal security companies have to invest in smart security technologies. A few years ago protecting computer networks from attacks consisted of having good access

controls and a solid perimeter defense including but not limited to firewalls, anti-virus so

ftware and web gateways.

Unfortunately, humans continue to count on walls, whether made of digital technology or stones, to protect them. Today these methods are not the most sufficient approach for safeguarding your assets. The mistake is assuming everything outside is bad and everything inside is good. Internal networks have entered the era of Zero Trust. Every device and user inside a network must not be considered any more trustworthy than unknown devices and users outside the firewall.

Once a hacker is inside a network, the perimeter defenses becomes more of a trap than a protection. Most organizations have come to learn this the hard way. Attacks are getting more sophisticated, malware comes in new forms and hackers are continuously using modern tools trying to penetrate into systems. The perimeter defenses of yesterday are no match for today’s attack vectors.

Shift towards cognitive Security Cognitive security is the use intelligent systems to analyze security trends and distill enormous volumes of structured and unstructured data into information, and then into actionable knowledge to enable continuous business improvement and security . Cognitive technologies are helping intelligence analysts grapple with today’s unprecedented levels of financial crime,terrorism, and other serious global cyber threats.

Cognitive systems can ingest terabytes of unstructured data rapidly and allow analysts to more quickly query it , surface hidden connections among entities within it and get investigators the information they need in time to act. Cognitive technologies such as natural language processing, pattern recognition and machine learning tap-into the explosion of unstructured data can hold the key to breaking a case.

Cognitive security involves training a new generation of cognitive systems. These systems ingest , reason and learn security topics. When an incident occurs, it taps into structured and unstructured security data then devises a threat research process to perform knowledge and threat discovery on the offense.

It then gives results and recommendations about the threat. An analyst can then perform further actions based on the recommendations by the systems and send the information along with evidence and key insights returned to incident response team to take remediation.

What is Watson of Cyber security? Watson for Cyber security is a cognitive security system that understands information security language. Cognitive security is characterized by technology that is able to understand, reason and learn information security . A much greater scale of relevant data is now accessible with Watson that can process and interpret the 80% of today’s unstructured data.

Watson can ingest a corpus of knowledge and then this knowledge is enhanced as security professionals interact with this system. As time goes by it’s knowledge base grows and continues to observe behaviors and events,distinguishing bad from good and the ability to leverage integrated defenses to block the new threats get stronger. Watson processes a new information at a speed that can surp asses any human ability. By making security analyst more effective and accelerating the response to emerging threats, Watson will improve level of confidence and risk control and help to address the current skills gap in security industry.

The volume of threat data and security incidents exceed the capacity of even the most skilled security professional. Watson for Cyber Security taps into unstructured data that is (research papers, websites, blogs) and correlates this data with local offenses. This augments a security analyst ability to understand and identify threats.

Watson is the first augmented intelligence technology designed to power cognitive Security Operation Centre (SOC). It integrates with IBM security intelligence solution – QRadar- helps uncover hidden threats and automate insights revolutionizing the way security analyst work. Watson also generates reports on threats in a matter of minutes. Speeding up both threat detection time and response time.

As the cognitive security community grows, and the viability of new attacks is diminished, cyber crime will enter into a new economic reality. Efforts to develop malware that evades detection will become increasingly complex and costly. Cognitive security will empower security analysts with the capabilities to find early warnings of potential attacks and significantly increase attack detection. Cyber criminals will find the payoffs to be harder and harder to achieve.