This series has examined what Artificial Intelligence (AI) actually is, its components, as well as its relevance and importance to Cybersecurity. You may be thinking now, after reviewing the benefits of what AI can bring to the table, that you are ready to deploy it in your business. But keep in mind that this is no easy task, as you are adding in a totally new system that should operate seamlessly with your other security related functions and processes. How you implement an AI system at your business will depend completely upon what the security requirements are, and the assets that currently exist in your IT and Network Infrastructure. You should work closely with the vendor from whom you are procuring your AI system from to work out and finalize all of these details.
A checklist to help you plan for your own AI system
The following is a general checklist that will prove useful in your consideration of the deployment of an Artificial Intelligence system:
- You must find the right kind of data sources to be used. The bottom line is that an Artificial Intelligence system is only as good as the datasets that are fed into it for learning purposes. Therefore, very careful consideration needs to be given to the selection of the datasets you plan to use. For example, the datasets must not only be relevant to the tasks that you are trying to accomplish with your AI system; they must also be the most up to date. In this instance, give serious consideration to using the “SOAR” Model:
With Security Orchestration, you and your IT Security staff will bring together all the available datasets that you are planning to make use of and making them all work together as one, cohesive unit. Some features of Security Orchestration include the following:
- Having a standard set of AI dataset collection processes.
- Providing a single platform in which the AI system can compile and retrieve information and data as they are collected in real time.
- Providing a unified dashboard from which all legitimate alerts and warnings can be further examined.
- Select the right platform. Once you have selected the datasets that you intend to use with your AI system, the next step is to design the platform from which they will be leveraged. In other words, this is the feed that will pump these datasets in. Equally important is to implement some sort of automated Quality Control (QC) check processes to ensure that the datasets are not only current, but that they are also accurate and secure as they are being fed into the AI system.
- Conduct pilot tests of how it all operates. As with any new security technology, you must first confirm that the AI system will actually operate and perform to its expected levels. This should be done in a controlled, or “sandbox,” environment first. To do this, start with those use cases that are most relevant to your security requirements. To confirm that your AI system is starting to learn both effectively and efficiently, start with the simpler ones that have the most current data. Then use this in which to launch more complex use cases and datasets to make sure that the AI system is operating to its expected levels. Once all objectives have been met in this controlled environment, then it should be rolled out into production, where it will work and commingled with the other security tools that are deployed in your business. This is a process that must be conducted on a regular basis to ensure that the AI system is not going “stale”, and remains in an optimal and robust state, as described previously.
- Establish a governance program. After the AI system, you also need to deploy some sort of strategy, or game-plan that will set forth the framework in which your IT Security staff can make sure that the AI system is continually learning, and is delivering on its expected outcomes, based upon the Key Performance Indicators (KPIs) and other metrics that have been set forth. In fact, this is a crucial stage, because you are relying upon it on a daily basis in order to combat and mitigate any existing and potential Cyber Threat variants.
Ready, set, go!
This series of articles has provided detailed information as well as practical implementation advice for any business that is interested in planning for and deploying an Artificial Intelligence system to provide Cybersecurity protection. You may want to revisit this series as you and your team go through this journey together.
Ravi Das is a Cybersecurity Consultant and Business Development Specialist. He also does Cybersecurity Consulting through his private practice, RaviDas Tech, Inc. He also possesses the Certified in Cybersecurity (CC) cert from the ISC2.