Machine learning in cybersecurity

The emerging field of machine learning (ML) is driving transformations across industries. But while we’re still in these relatively early stages of the integration of machine learning into cybersecurity operations, its current (and potential future) applications are not widely understood. 

Saeed Abu-Nimeh (Founder and CEO at SecLytics) is someone who absolutely does understand the intersection of ML and cybersecurity. As a leading thinker in this space, he’s driving innovation that will enable cybersecurity professionals to leverage ML to streamline predictive security processes. 

Abu-Nimeh will be heading to Riyadh to share his expertise at Black Hat MEA 2024. Ahead of the event, we caught up with him for a quick glimpse into his perspective. 

Could you describe the relationship between machine learning and cybersecurity right now?

“Some security products leverage ML to detect anomalies in user behaviour or network traffic. There are misconceptions in the security industry about the application of machine learning in cybersecurity. 

“Some engineers think that by leveraging ‘big data’ concepts, databases, or techniques that they are leveraging machine learning – and that’s not true. The core benefit of ML is to be able to predict an outcome by training a model on historical data (aka ground truth).

“And sometimes people just use machine learning and predictive analytics as buzz words. Again applied correctly, machine learning can be extremely valuable in cyber security as we can leverage it to learn from past patterns and detect deviations from the norm.”

What are the possibilities of ML that are most exciting to you?

“Leveraging generative AI and LLMs in automating a lot of the tedious tasks that SOC analysts perform daily, especially in the first level of incident response.” 

If you could tell all organisations to do just one thing to upskill their teams for developments in cybersecurity (or cyber threats) in the future, what would it be?

“They need to move from being reactive to being proactive. Waiting until they are hit with attacks then reacting does not help. They need to invest more in technologies, training and procedures that enable their security teams to become more proactive.” 

How has your perspective on security changed over the course of your career?

“Looking 15 years back, most threat detection was done leveraging signature-based detection. Then we moved to the application of machine learning to detecting threats. When COVID-19 hit there was a need to protect people working from home. So we saw a surge in zero trust and SASE. And after people started migrating to the cloud now we are seeing a need for cloud security.”

Finally, why are events like Black Hat MEA valuable to you?

“Black Hat is an excellent event to learn about new research, trends and security products – and for networking with peers in the industry.” 

Thanks to Saeed Abu-Nimeh at SecLytics. Register now to attend Back Hat MEA 2024 and immerse yourself in learning directly from the leading experts in cybersecurity.