Col. Ret. Zohar Rozenberg, VP Cyber Investments at Elron, spoke in the 3rd International Symposium on Cyber Security Cryptology and Machine learning, about the opportunities and challenges associated with ML/AI based cyber security solutions.
Guest post by Adir Alon adir@davidmalits.com
“Easier access to data for building ML/AI solutions can become the turning point of cybersecurity,” says former Head of IDF’s Cyber Department
Col Zohar Rozenberg of Elron, an Israeli VC company, spoke at the International Symposium in Israel about how data for ML/AI can be a huge advantage when building a suitable defense against cyber-attacks. He said that even though this route “sounds very promising…, (and) can be the real next phase of cybersecurity; the question becomes how real it can get?”
According to Col Rozenberg, “the world needs ML/AI based solutions that are wider than just scanning files”. This is because the amount of data as well as the attack surface in organizations are “infinite”, and “deterministic and rule-based solutions” are insufficient. Additionally, there simply aren’t enough skilled cybersecurity personnel to go around. Therefore, “we need machines to replace many more tasks and to perform tasks humans are either poor at or can’t even perform”.
Moving on to what the challenges are, he said that the first problem is “getting quality data”. “Many ML applications need users data to train on. With GDPR and other privacy regulations, that is not an easy task”. The problem is that companies developing cybersecurity solutions don’t have access to the data they need; and “those who have the data can’t give it to you”.
In another point, he painted the following scenario: “assume a vendor did everything right and managed to reach a point where he has a good solution, working with good results, and even finds a customer to buy and install it”. According to him, progress like this is also fraught with challenges. “In a world with accelerated technological change and thrive for digitization, how fast does the data change in a way that can put the ML out of calibration?”.
In closing, he admitted that even though data and ML can turn the tables on the attack/defense dynamic, “there might still be areas where the attackers’ ML will have an advantage” like in situations where “an attacker deploys an ML attack engine to learn the DDOS defense system’s logic and then learn how to bypass it.”. According to Col Rozenberg, “As an industry, together with academia, we need to work much more on how to get the right data, how to make the training process more and more efficient, cheaper, easier”.
Colonel (Ret.) Zohar Rozenberg is the VP of cyber Investments at Elron. He retired as a colonel after 20 years at IDF’s 8200 unit where he led and directed several innovative projects and organizations. He was also involved in the founding of the National Cyber Bureau and the formalization of the Israeli national cyber strategy. In 2008, he received Israel’s highest defense award. Col. Rozenberg holds a B.S in Electrical Engineering and an M.B.A from Tel Aviv University.