Be warned: AI won’t fix all your security issues

Be warned: AI won’t fix all your security issues

With ransomware attacks and data breaches now regular mainstream headlines, cyber-security is more pressing than ever. And plenty of companies are now offering ever-more extravagant ways to protect your company’s information.

For AlienVault, however, the message is always about simplicity. The San Mateo, California-headquartered company’s main offering is USM (Unified Security Management) and the Cloud-based USM Anywhere; a five-point, pre-integrated and pre-configured security stack combining Asset Discovery, Behavioral Monitoring, Vulnerability Scanning, SIEM, and IDS.

“It's like the Anti-Ikea,” says Javvad Malik - Security Advocate at Alienvault. “Rather than giving you a bunch of tools and then leaving you to follow the diagram and assemble it yourself, we assemble everything for them.”


Security hygiene vs machine learning

Given this focus on making everything as simple and user-friendly as possible, it’s little surprise that Malik and AlienVault Threat Engineer Chris Doman don’t put much stock in the recent trend for pushing ‘AI’ into every aspect of cyber-security.

“There is a mentality whereby people predict technologies are a lot closer than they actually are in reality,” says Malik. “And this is why we have themes coming up year in and year out at these conferences; the Cloud was being spoken about 10 years ago, and it's only really matured in the last couple of years.”

“Similarly, machine learning isn't there at the moment. Either you use it internally as a vendor to compliment your processes or you're only really selling that capability to the top 1% of companies out there that really, really on the front foot on the security front, and say ‘I'm really looking for this specific type of fraud or another indicator’.

“That's not to say all the vendors are bad or what have you, but I think that the use cases and the applications are quite limited at the moment.”

Both agree with the assertion that many of these companies are simply just nice features – which Malik compares to offering someone ‘the best skateboard wheel in the world’ when they are in fact after a full skateboard and hence no good as a solution – or are just waiting to be acquired by a larger player and therefore largely unconcerned about the value they actually offer to the customer.

“It does look like a lot of startups are going to machine learning as the buzzword to get funding,” says Doman. “I used to work at a company that did just machine learning and I think snake oil is a big problem in the industry.”

“We do actually do machine learning at Alien Vault but we mix it with humans. We use it as part of everyday tasks.”

Both agree, however, this AI/Machine Learning trend is just the latest in the security startup industry cycle.

“If you look at a few years ago, Insider Monitoring was a big thing when Red Owl won the innovator award at RSA,” says Malik. “And based on that, there was a dozen other companies that sprung up within the year.”

“But the thing is most of them have just stagnated. It's a great feature, it's a great thing, but it doesn't solve the wider problems of the company. And machine learning is about three years behind that.”

“The majority of other companies, basic hygiene; patching, segregation, having some base level of admin controls, Identity Access Management, and threat detection; by just focusing on that you cover 80-90% of stuff and will make your company unattractive enough of a target to get overlooked and [then cyber-criminals will] move on to someone else.”


Also read:
Sophos: Basics needed to swerve security apocalypse
Zonefox: AI snake oil and hype cycles
The future of machine learning in cybersecurity: What can CISOs expect?


«C-suite career advice: Neil Eatson, Appraise Digital


The CMO Files: Ben Geller, Datical»
Dan Swinhoe

Dan is Senior Staff Writer at IDG Connect. Writes about all manner of tech from driverless cars, AI, and Green IT to Cloudy stuff, security, and IoT. Dislikes autoplay ads/videos and garbage written about 'milliennials'.  

  • twt
  • twt
  • Mail

Recommended for You


Latin America’s push towards digital transformation

Keri Allan looks at the latest trends and technologies


Meeting Owl brings new wisdom to conferencing

Martin Veitch's inside track on today’s tech trends


A rare glimpse inside the Chinese cybercrime underground

Phil Muncaster reports on China and beyond

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.


Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.



Should the government regulate Artificial Intelligence?