Story image

IBM Watson has a new job: Cognitive cybersecurity expert

15 Feb 17

The industry’s first augmented intelligence tech will be used to power cognitive security operations centres (SOCs).

Watson has spent the past year training in cybersecurity language from more than one million security documents. It can now help security analysts parse through natural language research reports previously inaccessible to security tools.

Watson for Cyber Security will be integrated into IBM’s Cognitive SOC platform, fusing cognitive technology with security operations.

IBM research shows that security teams spend more than 20,000 wasted hours per year chasing false positive. Security operations centres will keep up with the anticipated doubling of security incidents over the next five years.

IBM QRadar Advisor with Watson is the first technology to use Watson’s insights, now inside IBM’s global network of X-Force Command Centres.

QRadar is also being used by Avnet and other global customers.

"Watson makes concealment efforts more difficult by quickly analysing multiple streams of data and comparing them with the latest security attack intelligence to provide a more complete picture of the threat. Watson also generates reports on these threats in a matter of minutes, which greatly speeds the time between detecting a potential event and my security team's ability to respond accordingly,” says said Sean Valcamp, Avnet CISO.

IBM is putting Watson to use not just in cybersecurity, but in other areas of the business.

Watson has been powering an IBM chatbot which is being used to interact with IBM Managed Security Services customers.

On top of that, IBM’s new research project ‘Hayvn’ uses a voice-powered security assistant that uses Watson conversation technology to respond to verbal commands and natural language from security analysts, such as updating analysts on new threats and recommended remediation. It is still in the testing phase.

Looking at the SOCs themselves, IBM says cognitive technologies will be a crucial part of keepimg up with threats. Within the next 2-3 years, cognitive tool usage is expected to triple from its current 7% rate.

Denis Kennelly, IBM Security’s vice president of development and technology, says the cognitive SOC is now a reality in the fight against cyber threats.

"Our investments in Watson for Cyber Security have given birth to several innovations in just under a year. Combining the unique abilities of man and machine intelligence will be critical to the next stage in the fight against advanced cybercrime,” Kennelley says.

IBM Security is also looking to take Cognitive SOC to endpoints, by launching IBM BigFix Direct, a new endpoint detection and response solution. The company says EDR will be accessible and actionable so that analysts can understand and act on threats across endpoints through a single platform.

The IBM Cognitive SOC will also use technologies such as i2 for cyber threat hunting and IBM X-Force Exchange, the company says. 

Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
WatchGuard appoints new channel distributors in A/NZ
The appointments will enable WatchGuard to expand its regional channel reseller footprint.
Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."
Why the future of IT infrastructure is always on and always available
As more organisations embrace digital business, infrastructure and operations leaders will need to evolve their strategies and skills to keep up.
Juniper simplifies data integration to improve threat detection
Updates to the Juniper Advanced Threat Prevention Appliances leverage third-party firewalls and security data sources.
WatchGuard's global reseller survey finds ransomware top customer fear for 2017
A global survey by WatchGuard has shown that more than 80% of resellers believe their customers are most worried about ransomware and its effects.
IDC: Tablets stay dead, notebooks keep head above water
An IDC report predicts a soft personal PC market, slipping into further decline with the exception of notebooks, gaming PCs, and business PC upgrades.
Deloitte forms alliance with AI analytics company
The strategic partnership aims to combine the companies capabilities to deliver real-time analytics to businesses across Australia.