How to Make Artificial Intelligence Core to Your Cybersecurity Strategy

In the post COVID-19 world, businesses are looking for ways to be more agile and reduce latency driven by traditional ways of working. This is not only reflected in their back-office processes but also in their customer facing ones. They are increasingly relying on hyper automation and artificial intelligence (AI) to solve complex business problems. Cybersecurity and risk programs should be part of this AI-led approach. With the need to reduce operating cost across enterprises, AI has become the hallmark for driving the 3Es – Efficiency, Economics and Experience.

Understanding what the AI technologies can do for you, how you can get past the adoption hurdles, and how to achieve non-linear growth in speed, scale and agility are some of the biggest challenges we face when considering the use of AI in cybersecurity and risk. In addition, use of AI solutions should not be interpreted as “replacing a team” but instead, complementing your team to increase productivity. As such, the use of AI should be core to your cybersecurity strategy.

Common AI methods applied across cyber

There are several techniques that are commonly used in AI such as deep learning neural networks, decision trees, Monte Carlo methods, clustering, ranking, linear classifiers (Fisher’s method, Support Vector Machine), Bayesian Statistical Inference, Markov chain, Linguistics, and Bias. These are broadly applied across seven methods, described below and in Figure 1:

1. Machine Learning (ML) instills discipline, empowering systems with the ability to learn without explicitly being programmed. AI will find patterns within the data to predict the outcome of something that was never seen before, enabling cybersecurity and risk programs to scale without human intervention.
2. Neural Network is a method by which a system develops and replicates how humans learn. It helps map relationships between enormous amounts of data and therefore gives the ability to translate data input of one form into a desired output, usually in another form.
3. Robotics include design, build, and use of machines to perform tasks done traditionally by human beings using static/dynamic rules and machine models.
4. Expert Systems emulate the decision-making ability of a human that has been designed to solve complex problems by reasoning through bodies of knowledge, represented mainly as if-then rules rather than by conventional procedural code.
5. Fuzzy Logic (FL) is a heuristic approach that resembles human reasoning. It allows for enhanced decision-tree processing and complements rules-based programming.
6. Natural Language Processing (NLP) provides the ability to understand text in the same manner as a human being. Combining computational linguistics with statistical, machine learning, and deep learning models, these technologies enable computers to process human language in the form of text to understand its full meaning, so that they can automatically perform repetitive tasks.
7. Named Entity Recognition (NER) extracts information from data. For using AI / ML models in the cyber security space, the contextualization needs to be very specific to understand the various terminologies of the security domain.

Figure 1: Common AI methods for cyber and their impact 

Applicability of AI across cyber

According to Wipro’s State of Cybersecurity Report 2020, 49% of the cybersecurity patent filings were in the AI/ML and data science space. The report also predicted that over a 12-to-16 month period, AI/ML and SOAR (security orchestration, automation and response) will become mainstream to cybersecurity automation. 

The application of artificial intelligence should be explored across all facets of cybersecurity from the perspective of process efficiency and business outcomes. This requires reimagining the existing business processes to embrace a robust and effective approach. The matrix in Figure 2 highlights key cyber domains and how they map against AI methods. 

• Identification of problem statement: Application of AI is context driven and based on use case. Having a clear understanding of the problem helps architect the right AI capabilities.
  
• Validation of candidates for AI enablement: Not every process and use case will have the same effect of AI on it. A cost benefit analysis should be done to avoid wasting resources.
  
• Defining the model: Choosing the right model is imperative for positive results, given the different types of AI and data.  Business goals, scalability, and complexity of data are important considerations when building an AI model. The training of these models as well as checks and regular re-training is important, as the accuracy of the models depends on the trainings.
• Accuracy of data: A good data set is imperative for an effective AI solution. Data issues such as noise, outliers, and missing values can negatively impact results. Regular testing and data validation is required for best results. The accuracy and effectiveness of the ML models and AI engines depends wholly on the data sets used in training.
• Data applicability: While the AI algorithms may not be biased, the data they consume may be. For optimal results, ensure that data feeds are as objective as possible.
  
• Testing model: The impact of varying inputs should be considered for each machine model for long term learning and enhancement of the model and to drive effective predictions. This should include testing of the models for bias and drifts, which often happens over a period of time.
• Adoption strategy: Change is difficult, and if users do not use a new solution, it will not deliver the promised benefits. An adoption strategy with focus on human centric change management should be put in place.
• Dedicated learning time: AI solutions grow more effective over time, as the data set increases in size and the machine model learns from it. Deployment roadmaps should account for this along with the reinforced learning.
• Safeguarding the implementation: Adversaries are increasingly interested in targeting ML systems through traditional attacks resulting in opportunities for data poisoning, extraction of confidential ML model data, etc. Such attacks, if successful, can be leveraged to effect favorable transactional outcomes for adversaries.

How can Wipro help you in your cyber-AI journey?

Wipro’s Cybersecurity and Risk Services partners with the Wipro HOLMES™ team comprising data scientists, stewards, and engineers skilled in AI techniques. Combined with Wipro’s rich technology heritage, we can provide our customers a holistic AI-enabled business transformation service. 

Figure 3: Holistic AI-enabled transformation

Considering the factors that make AI enablement a success, Wipro has created a delivery framework for AI-enabled transformation in cyber:

Figure 4: Wipro's delivery framework

Wipro HOLMES™, Wipro's AI and automation platform, is the bridge between foundational AI algorithm builders and applied AI. The HOLMES platform handles all your needs from building, publishing, metering, governance to monetization of heterogenous AI solutions. It can act as a standalone platform to provide solutions you need and act as a complementary platform with AI capabilities. This flexibility provides Wipro the ability to work with its customers and provide the same set of capabilities on the customers’ infrastructure and platforms

Figure 5: Wipro HOLMES framework

Wipro has been recognized for its holistic AI-enabled transformation solutions:

• Everest Group Advanced Analytics & Insights Services PEAK Matrix™ Assessment 2020: Wipro has been positioned as a Leader for its focus on Advanced analytics and Insights Services to accelerate clients transformation journey into an intelligent enterprises. Wipro HOLMES™ has been called out as a strength for enabling self service and intelligent diagnostics for enterprises.
• Forrester Wave™: AI Consultancies, Q3 2019: Wipro has been positioned as a Leader. A highlight of the report is how Wipro has extended its HOLMES AI platform to support more business-centric and industry-oriented solutions.
• IDC MarketScape for worldwide AI services 2019: Wipro has been positioned as a leader. According to the report, Wipro positions its AI services for model management and custom insights - as key enablers for clients in helping businesses build intelligent enterprises.
• Application Automation Service Providers 2019: Everest Group has positioned Wipro as a leader in the Application Automation Service PEAK Matrix™ assessment.

If you are interested in knowing how Wipro is helping our clients achieve their vision of a transformed AI-powered cybersecurity system, connect with us at cybersecurity.services@wipro.com.

Saugat Sindhu
Global Head - Strategy & Risk Practice - Cybersecurity & Risk Services, Wipro

Saugat is currently leading a team of diverse professionals that provides clients business advisory, management consulting, technology enablement & intelligent automation-based transformation services. He leverages Wipro’s HOLMES ecosystem along with alliance partnerships to bring forth cyber and risk process enhancement strategy and solutions that solve business problems of economics, efficiency, and experience.

Supported by:

Partho Pratim Das
Group Head, HOLMES