Daniil Peshkov/123RF

What’s The State Of AI In Cybersecurity Today? 20 Experts Share Their Insights

  • 27 September 2019
  • Sam Mire

Each day we put more and more information about ourselves online, whether we're aware or not. That data ranges from innocuous to potentially life-altering should it fall into the wrong hands. It's imperative that we deploy the latest technologies to fight cybercrime and strengthen the infrastructural future of cybersecurity. With that said, where does AI stand as a tool for cyber defense?

These cybersecurity industry insiders shared their opinions on that question with us. Here's what they said:

1. Mike MacIntyre, Chief Scientist, Panaseer

“AI certainly has a lot of promise but as an industry, we must be clear that it's currently not a silver bullet that will alleviate all cybersecurity challenges and address the skills shortage. This is because AI is currently just term applied to a small subset of machine learning techniques. Much of the hype surrounding AI comes from how enterprise security products have adopted the term and the misconception (wilful or otherwise) about what constitutes AI.”

2. Einaras von Gravrock, CEO of Cujo AI

Cybersecurity experts and cybercriminals use the same AI-driven technology to reach their own goals. Cybercriminals invent new ways to distribute malware and extract user information. Cybersecurity experts seek to stop them and prevent cybercrime. 

It can be a struggle to think one step ahead of criminals, as the situation changes continually. It’s an intense time in the industry, and with new technology emerging (5G) or maturing (IoT), it will get even more challenging. Luckily, cybersecurity is becoming a priority among world leaders and technology experts. With increasing awareness, more professionals are joining the cause and seeking to create solutions that fight crime online.”

3. Omar Yaacoubi, co-founder and CEO of Barac

AI has become somewhat of a buzzword in cybersecurity today, with company after company adding it into their marketing materials as a capability. While there’s no doubt that machine learning, behavioral analytics and the myriad of other AI tools are growing more sophisticated and prevalent each day within the industry, it’s debatable whether all of the cybersecurity vendors that advertise the use of AI actually use it, in the proper sense at least.

 There are many native AI-based companies out there whose sole solution is based on AI rather than incorporating AI into traditional products, but the waters can still be a little murky. It would be advisable, when looking in to a cybersecurity solution, to do a bit of digging to see if their techniques really are using AI the way they say they are.”

4. Chris Day, Chief Cybersecurity Officer for Cyxtera

“AI is increasingly utilized to assist with detecting adversary activity in complex cyber telemetry. The idea is that AI is more likely to detect anomalies and complex attack patterns than a human operator or a signature-based system.”


5. David Chavez, Vice President of Avaya Incubator at Avaya

“Cybersecurity heavily relies on analytics and some of the most useful analytic visualization tools rely on AI. However, AI can also be used to find the hallmarks of cyber-intrusions-new traffic patterns, new server requests, and new patterns of data access. When used with AI models trained on recognizing previous attacks, the ability to recognize some of the threats is much more straightforward and at many times easier to adapt to.”

6. J.J. Guy, COO of JASK

“Automation has proven to be a valuable asset for a variety of different security tasks — from network analysis, data crunching, email scanning, behavioral modeling and more. While AI is still far from a cybersecurity “silver bullet”, its effectiveness continues to improve across a variety of tools within the enterprise security stack. Currently, AI is helping security teams reduce the manual burden that comes with protecting organizational assets, and will only improve at that ability over time.”

7. Aby Varghese, Chief Technology Officer at UIB

The state of AI in the cybersecurity industry today is one of “adoption.” Cybersecurity systems and more importantly, the people who run them, are adopting AI to help them to make better decisions by having AI analyze data patterns, analyze data deviations from patterns, and use predictive analysis to make better use of their data.”

8. Joshua Crumbaugh, Chief Hacker/CEO at PeopleSec

“It's primitive and too often focussed on the wrong goals.  I believe that there is too strong of an emphasis on using AI to replace humans and too little an emphasis being put on using the power of AI to empower people to do their jobs better.   I believe that the greatest way AI can contribute to the human race is to augment people to perform better with fewer errors through the assistance of AI.”

9. Dr. Murat Kantarcioglu, Professor of Computer Science at The University of Texas at Dallas

With the advancement of security incident and event management systems that collect more and more data, it is almost impossible to analyze all the collected data, therefore leveraging AI to analyze this data automatically emerged as a critical need. There are many companies, start-ups and research labs that try to bring AI to different aspects of cybersecurity.

These range from applying AI at the network layer (e.g., analyzing network packet and traffic data) to data layer (e.g., analyzing access to SQL and NoSQL databases). Furthermore, there are existing efforts that try to leverage AI for insider threat detection.”

10. Eyal Benishti, founder and CEO of IRONSCALES

“AI is becoming crucial in helping defend against the increasing volume and sophistication of threat actors. Across the industry, there’s a shortage of SOC skills and resources. These trends are forcing organizations to look for AI-based solutions to quickly classify threats and help security teams focus on responding to the most critical incidents.”

11. Vinay Sridhara, CTO at Balbix

“Enterprises have been increasingly using AI to enable their cybersecurity teams to get an accurate idea of breach risk by analyzing up to several hundred billion time-varying signals across their network. This enables chief information security officers (CISOs) and corporate security teams to continuously analyze a high-volume, high-velocity cybersecurity data and gain real-time visibility into their company’s breach risk.”

12. Raul Popa, CEO of TypingDNA

AI is used by most Cybersecurity vendors now to improve their services, to detect, prevent and predict attacks, fraud, and risk, but also to limit their effects over legacy systems. Current models and algorithms used in production are not the most advanced out there, and definitely there is a new wave coming in the next years based on the research being conducted today.”

13. Kevin Landt, VP of Product Management at Cygilant

“AI is primarily a supplement to existing cybersecurity technologies today. Vendors are adding machine learning and AI to traditional products to make them more intelligent and reduce false positives. Security teams have struggled with devices that produce a lot of alerts, and AI has been deployed to filter out that noise so you can respond to the alerts that matter.”

14. Emma Maconick, Partner in the Intellectual Property Transactions Group at Shearman & Sterling

Given the increasing role of AI in cybersecurity, it has become a key focus for institutional investors, regulators and public company boards. Ransomware attacks, theft of personally identifiable information and vulnerability exploits continue to fill headlines, and company directors should remember the importance of their oversight role in managing risk and cybersecurity matters, including how their companies are using AI.

Although many boards have been slow to focus on these issues, this appears to be changing, as the actions of institutional investors and governmental authorities are heightening expectations.”

15. Anuj Goel, CEO and co-founder of Cyware

“- Natural Fit. Cybersecurity inherently involves repetitiveness and tediousness. This is because identification and assessment of cyber threats require scouring through large volumes of data and looking for anomalous data points. 

– Understanding the consequences of the attack and the response needed from the company also requires further data analysis. AI algorithms can be trained to take certain predefined steps in the event of an attack and over time can learn what the most ideal response should be through input from cybersecurity subject-matter experts. 

– AI is a valuable tool for in its ability to correlate vast amounts of data from a variety of sources. This level of correlation is important for informing security teams about the incidents that they are investigating and making teams more educated and efficient at processing analytics. 

-AI can provide details on potential incidents using anomaly detection and clustering. It can also assist with the risk scoring of incidents needing investigation. This data can be used to better inform humans who are working to make decisions about security incidents.”

16. Carl Hasselskog, co-founder and CEO fo Degoo

“At this point AI is past being the new kid in cloud computing and we’re currently seeing companies start to implement AI technologies in more subtle ways that improve the experiences of customers without being intrusive or showy. When it comes to storage, for example, cloud providers have developed algorithms that best recommend photos, files and other documents they expect you to be searching for before you even realize it yourself.”

17. Ambuj Kumar, CEO of Fortanix

“AI is emerging today to build the best AI models by performing analytics from various sources of data. There is a growing trend of processing sensitive data outside the trust boundary or processing data from multiple external data sources, each owned by a different party. Compliance requirements dictate that people working on these datasets, possibly in untrusted environments, do not have access to the sensitive data they're processing. Secure enclave-based computing ensures that data remains completely protected while being processed. The AI application runs inside secure enclaves and only the results of the computation are revealed.”

18. Stacy Stubblefield, co-founder and Chief Innovation Officer at TeleSign

“We now see many applications of AI in our daily lives. Computer systems routinely perform tasks that require human intelligence, like playing a game of chess or language translation. However, what most don’t see is the AI being used to protect your online browsing, shopping and messages.AI in cybersecurity is a rapidly growing market. As more companies begin to release products and platforms leading to a more digital lifestyle, the need for protection becomes stronger. AI in cybersecurity is just starting its momentum.”

19. Rodrigo Orph, co-founder of CVEDIA

“We've been able to develop thorough heuristics for cybersecurity. Heuristics is AI-driven behavioral analysis. The AI analyzes the behavior of software in real-time to see if it finds anything strange so that it can react faster.”


20. Chris Bates, VP of Security Strategy, SentinelOne

“There are two main approaches for AI-based malware detection on the endpoint right now: looking at files and monitoring behaviors. There are two main approaches for AI-based malware detection on the endpoint right now: looking at files and monitoring behaviors. The former approach uses static features — the actual bytes of the file and information collecting by parsing file structures. Example features for a Windows executable include section count, file entropy, opcode histograms, function imports and exports, and so on. These give clues as to what a file is capable of doing once executed.

The other type of AI-based approach is training a model on how programs behave. The real trick here is how you define and capture behavior. You want to feed your algorithm robust, informative, context-rich data which really captures the essence of a program’s execution. To do this, you need to monitor the operating system at a very low level and, most importantly, link individual behaviors together to create full “storylines”. For example, if program executes another program, or uses the operating system to schedule itself to execute on boot up, you don’t want to consider these different, isolated executions, but a single story.”

Have expert insights to add to this article?

Share your feedback and we'll consider adding it to the piece!


About Sam Mire

Sam is a Market Research Analyst at Disruptor Daily. He's a trained journalist with experience in the field of disruptive technology. He’s versed in the impact that blockchain technology is having on industries of today, from healthcare to cannabis. He’s written extensively on the individuals and companies shaping the future of tech, working directly with many of them to advance their vision. Sam is known for writing work that brings value to industry professionals and the generally curious – as well as an occasional smile to the face.