DarkReading.com reported “Most security teams can benefit from integrating artificial intelligence (AI) and machine learning (ML) into their daily workflow. These teams are often understaffed and overwhelmed by false positives and noisy alerts, which can drown out the signal of genuine threats.” The September 28, 2023 article entitled “Looking Beyond the Hype Cycle of AI/ML in Cybersecurity” (https://www.darkreading.com/vulnerabilities-threats/looking-beyond-hype-cycle-ai-ml-cybersecurity) included these comments:

AI and ML are often confused, but cybersecurity leaders and practitioners need to understand the difference. AI is a broader term that refers to machines mimicking human intelligence. ML is a subset of AI that uses algorithms to analyze data, learn from it, and make informed decisions without explicit programming.

When faced with bold promises from new technologies like AI/ML, it can be challenging to determine what is commercially viable, what is just hype, and when, if ever, these claims will deliver results. The Gartner Hype Cycle offers a visual representation of the maturity and adoption of technologies and applications. It helps reveal how innovative technologies can be relevant in solving real business problems and exploring new opportunities.

But there’s a problem when people begin to talk about AI and ML. “AI suffers from an unrelenting, incurable case of vagueness — it is a catch-all term of art that does not consistently refer to any particular method or value proposition,” writes UVA Professor Eric Siegel in the Harvard Business Review. “Calling ML tools ‘AI’ oversells what most ML business deployments actually do,” Siegel says. “As a result, most ML projects fail to deliver value. In contrast, ML projects that keep their concrete operational objective front and center stand a good chance of achieving that objective.”

While AI and ML have undoubtedly made significant strides in enhancing cybersecurity systems, they remain nascent technologies. When their capabilities are overhyped, users will eventually grow disillusioned and begin to question ML’s value in cybersecurity altogether.

What do you think?

First published at https://www.vogelitlaw.com/blog/maybe-ai-amp-ml-are-not-really-working-in-cybersecurity