Reply to post: AI to solve cyber security - give me a break

Mike Lynch-backed Darktrace to file for London IPO in aftermath of Deliveroo flop

Peter Sommer

AI to solve cyber security - give me a break

Is the fundamental product any good? As I understand it the claim is that by using "artificial intelligence"/"machine learning" a lot of the traditional heavy lifting of conventional cyber security consultancy can be avoided. The various sensors that are placed in a client's system monitor traffic and decide what is normal. Anything abnormal is flagged for attention.

Problem number one: many businesses and organisations are seasonal so that it will take at least a year and possibly two or three before you can feed the machine learning system with enough data to make decisions. How, for example, would such a system have coped with COVID where suddenly there would have been a huge amount of remote accesses and homeworking?

Problem number two: most organisations are constantly developing new services and systems - all the time that your monitoring system is trying to work out what is normal.

Problem number three: any alert system such as we already have for intrusion detection systems is heavily dependent on the sensitivity settings. Too sensitive and you get many false positives; too insensitive and the bad guys get in unannounced. So you require a lot of humans to make judgements as the system produces alerts.

Darktrace seems to be a heavily marketing orientated operation and may account for success by selling to the ignorant.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022