Research for Better IT Security
Cognitive Computing meets Security: eight American universities are working with IBM on a pilot project that deploys IBM's Watson as an IT security alarm. The goal is to support corporate IT security experts in the analysis, assessment and monitoring of cyber threats. IBM used this year's CeBIT fair in Hannover to present a variety of different application scenarios for Watson.
Beyond this, Watson will also issue recommendations for suitable security countermeasures in the event that an attack is detected. Starting this fall, roughly 200 IT students at the universities participating in the pilot program will feed a massive amount of relevant data into the cognitive system and begin training it for its coming responsibilities.
"Many IT security managers are overwhelmed by the constantly rising flood of data they need to handle. Identifying security holes then turns into more or less looking for a needle in the proverbial haystack," notes Gerd Rademann, Business Unit Executive for Security Systems at IBM DACH. "We are thus focusing on the use of cognitive Watson technologies to better combat cyber criminality in the future. The learning system can process and analyze very large volumes of data in real time, identify patterns and anomalies quickly and furthermore make recommendations for potential countermeasure strategies," he continued.
The need is there: recent studies have shown that companies experience some 200,000 indications of security incidents each day on average. The incidents are generally not critical in nature, but handling them costs roughly 21,000 man hours per year, or 1.3 million dollars.
IBM's goal is to fill Watson with up to 15,000 security documents a month. This includes reports from the IBM X-Force team, which has been researching cyber-security for more than 20 years. Those reports represent the cumulative knowledge of the IT security experts on over eight million spam and phishing attacks, as well as 100,000 documented system vulnerabilities.
The pilot project will offer new options for fighting cyber risks. It has to, given that data is moving faster than ever through virtual space from point A to point B. This in turn opens new vectors for cyber-criminals: attacks are occurring more and more frequently and have assumed a scope almost beyond the capacity of individual IT managers to address. The goal of the cooperation between the universities and IBM is thus to support cognitive IT security solutions designed for quicker and more effective responses to acute threats.