“Any sufficiently advanced technology is indistinguishable from magic.” The quote is not mine, but from Arthur C. Clarke And it's the third adage of what is considered "Clarke's Three Laws," which sums up his vision of technology and the future. As a technologist, I've traveled extensively around the world and have presented on stages across five continents.
I'd like to use, to lay the groundwork for my article, another interesting quote from Ridley Scott's original Blade Runner film: "I've seen things you people wouldn't believe," says the late actor Rutger Hauer in his role as the replicant—a robot—Roy Batty. This message applies especially, if I may say so, to the impressive developments in Artificial Intelligence and Machine Learning and the way the cybersecurity industry uses techniques and advances in the field to enhance human abilities, to amplify our capabilities as human beings.
Machine Learning
Machine learning, in its three most developed forms (unsupervised, reinforcement learning, and deep learning), will change the way a cybersecurity analyst deals with different sources of information with billions of events per day.
Actually, why am I speaking in the future tense? I think society should embrace the times we're living in and call them "The Future... of NOW," "The Future... So Present." And the reason behind that is because Machine Learning is changing (that's the tense I wanted to use) the approach to threat detection and how we can adapt and adopt cybersecurity processes not only to identify and prevent, but also to correct a mistake, predict the cybercriminal's next move, and, in short, stay committed to the mantra: "Protect and defend, protect and defend, protect and defend."
Having researched the subject in depth, I believe the world's engineers are fulfilling the promise of the origin of the term "Deus ex Machina" (God from a machine). In ancient Greece, when there was a problem in a play, when someone forgot their script or there was a problem on the stage, they would bring a God or Goddess by crane (the machine) onto the stage, and then, for the audience, marveling at the deity's presence, "everything was resolved."
A "God from a machine" has the power to change destiny and can help us mortals get through the day with ease. I believe machine learning has that power, and the industry has already designed the appropriate technology to understand threats in real time, to understand a company's infrastructure, its network design, and its entry/exit vectors in order to protect and defend it with human talent and machine power.
The algorithm (the machine) is capable of the unthinkable when it comes to data mining, (super) correlation of information, since it does what it does best tirelessly, without complaining, without having a bad day (which we humans have).
A good machine learning discipline is one that is able to "see" behavioral patterns, predict the form of an attack, and how to defend itself. The key here is that the algorithm can somehow be trained with different types of attacks, learn methods for gaining privileged access, lateral movements, and even adapt in real time to the situation or attack it suffers. In fact, an excellent machine learning approach is one that is even capable of learning from its mistakes, from false positives, and, as a result, is always at its best, in its best possible shape, without needing to sleep and without complaining.
This approach provides unmatched power and consistency in the field of cybersecurity. However, it also gives hope to those who will use Artificial Intelligence and Machine Learning in the attack vector to cause harm and create evil. Unfortunately, cybercriminals are designing tactics, techniques, and procedures (TTPs) that leverage existing capabilities in Machine Learning. What I mean by this is attacks with zero or minimal human intervention, attacking 24/7, using LLMs (Large Language Models)…
As scary as it may seem, this belongs to the future… right now. And one of the most effective ways to counter this is with powerful machine learning capabilities, with consistent and coherent technology. A phrase from the company I work for is, “The internet changed everything. Now, with AI, everything must change, everything will change.” It’s essential to understand the future… so present, and how professionals must design a robust and solid approach to combat algorithms that come from the bad side of the equation. Ultimately, it will be a (cyber)war, and we have to be ready for it.
Human Teaching
As a teacher, I believe in human potential… along with the power of machines. Let's let the machines do their work… but let's not forget to be human. We're not fighting AI or machine learning, but rather collaborating with those disciplines. For me, that's not just machine learning, but human teaching: harnessing our knowledge and codifying it for the common good. In the coming war, it will be a question of who has the best technology. They, to attack; we, to protect and defend.
That's why we must remain faithful to our commitment to training, to raising awareness, and to elevating the quality of our digital knowledge. And because "I've seen things you wouldn't believe," this is my message to everyone: it's about understanding, embracing, and leading technological change while the bad guys continue trying to overcome the barriers of protection and defense. It's not just about Machine Learning, but about what we learn along the way. Welcome to the era of Human Teaching.
If you want to know more about artificial intelligence and cybersecurity, visit our blog
