Story image

IBM Watson has a new job: Cognitive cybersecurity expert

15 Feb 2017

The industry’s first augmented intelligence tech will be used to power cognitive security operations centres (SOCs).

Watson has spent the past year training in cybersecurity language from more than one million security documents. It can now help security analysts parse through natural language research reports previously inaccessible to security tools.

Watson for Cyber Security will be integrated into IBM’s Cognitive SOC platform, fusing cognitive technology with security operations.

IBM research shows that security teams spend more than 20,000 wasted hours per year chasing false positive. Security operations centres will keep up with the anticipated doubling of security incidents over the next five years.

IBM QRadar Advisor with Watson is the first technology to use Watson’s insights, now inside IBM’s global network of X-Force Command Centres.

QRadar is also being used by Avnet and other global customers.

"Watson makes concealment efforts more difficult by quickly analysing multiple streams of data and comparing them with the latest security attack intelligence to provide a more complete picture of the threat. Watson also generates reports on these threats in a matter of minutes, which greatly speeds the time between detecting a potential event and my security team's ability to respond accordingly,” says said Sean Valcamp, Avnet CISO.

IBM is putting Watson to use not just in cybersecurity, but in other areas of the business.

Watson has been powering an IBM chatbot which is being used to interact with IBM Managed Security Services customers.

On top of that, IBM’s new research project ‘Hayvn’ uses a voice-powered security assistant that uses Watson conversation technology to respond to verbal commands and natural language from security analysts, such as updating analysts on new threats and recommended remediation. It is still in the testing phase.

Looking at the SOCs themselves, IBM says cognitive technologies will be a crucial part of keepimg up with threats. Within the next 2-3 years, cognitive tool usage is expected to triple from its current 7% rate.

Denis Kennelly, IBM Security’s vice president of development and technology, says the cognitive SOC is now a reality in the fight against cyber threats.

"Our investments in Watson for Cyber Security have given birth to several innovations in just under a year. Combining the unique abilities of man and machine intelligence will be critical to the next stage in the fight against advanced cybercrime,” Kennelley says.

IBM Security is also looking to take Cognitive SOC to endpoints, by launching IBM BigFix Direct, a new endpoint detection and response solution. The company says EDR will be accessible and actionable so that analysts can understand and act on threats across endpoints through a single platform.

The IBM Cognitive SOC will also use technologies such as i2 for cyber threat hunting and IBM X-Force Exchange, the company says. 

Zoom’s new Rooms and Meetings features
Zoom has released information about the upcoming releases for its Rooms and Meeting offerings for 2019.
Aussie company set to democratise direct-to-orbit IoT access
Adelaide-based Myriota has released a developer toolkit that has been trialled and tested by a smart waste management platform.
Apple's AirPods now come with 'Hey Siri' functionality
The new AirPods come with a standard case or a Wireless Charging Case that holds additional charges for more than 24 hours of listening time.
Dynatrace takes pole position in APM Magic Quadrant
It placed highest on Ability to Execute and furthest on Completeness of Vision in the 2019 Quadrant for Application Performance Monitoring (APM).
HCL and Xerox expand strategic partnership
Under the terms of the agreement, HCL will manage portions of Xerox’s shared services, including global administrative and support functions.
Avaya expands integration with Google Cloud AI
This includes embedding Google’s machine learning within conversation services for the contact centre, enabling integration of AI capabilities.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.
Poly appoints new A/NZ managing director, Andy Hurt
“We’re excited to be bringing together two established pioneers in audio and video technology to be moving forward and one business – Poly."