For now, it’s humans vs. humans

Cyber attacks are among the biggest threats to businesses, governments, and institutions today. The Identity Theft Resource Center notes that nearly 178 million personal records were exposed in data breaches in 2015; high-profile breaches announced in 2016 include the Department of Homeland Security and the Federal Bureau of Investigation.

According to Earl Perkins, research VP at Gartner, who spoke at the 2016 Gartner Security & Risk Summit on the top 10 strategic planning assumptions for security through 2020, 99 percent of exploited vulnerabilities are already known. Alarming, isn’t it?

Unfortunately, we tend to rely on firewalls as a defense. But firewalls will not stop a determined hacker. For now, it’s just humans who try to anticipate what the other human might do before they do it.

So how does artificial intelligence play into this? At a recent webinar, Santosh Varughese, president and CEO of cognitive surveillance company Cognetyx, gave insight into how AI can be a valuable ally when it comes to defending against hackers. AI can be trained to constantly learn patterns in order to identify any deviation in it, much like a human does.

The war is coming

Machine learning, a component of AI, applies existing data to constantly improve its functions and strategies over time. It learns and understands normal user behavior and can identify even the slightest variation from that pattern, such as if an employee logs in from New York when the office is in Texas. But besides gathering information to detect and identify threats, AI can use this data to improve its own functions and strategies as well.

This technology exceeds human capabilities by leaps and bounds. If you asked a person to filter through massive amounts of information that included logins, computer usage, and system infrastructure, they would never be able to keep on top of all that data. AI, on the other hand, can handle all of this information quickly, effortlessly, and on a 24/7/365 basis.

Is AI the future of cybersecurity?

Private sector businesses and corporations have already deployed AI systems, and as the White House notes, even some governments are using the technology. Why? Because AI can save time and money by going through structured data quickly, as well as comprehensively reading and learning unstructured data, statistics, words, and phrases. Essentially, AI could save tax dollars as well as national secrets.

Still, loopholes exist. Hackers are trying to figure out ways to beat the machines, sneaking in through cracks we didn’t know existed. Right now, months go by before an organization detects a data breach. By then, the hacker is long gone, along with all the sensitive data.

On the other hand, AI can sit back, collect data, and wait for a hacker to get messy. AI looks for behavioral abnormalities that hackers are bound to display — for instance, the way a password is typed or where the user is logging in. AI can detect these small signs that otherwise might have gone unnoticed and halt the hacker in their tracks.

Any system can be exploited, as Varughese noted. In the constant chess match of cybersecurity, human hackers will always probe the weaknesses in every system — including AI. Artificial intelligence is programmed by humans, and thus can still be defeated. While AI’s ability to synthesize and process information is impressive, it can only work as well as it was programmed to.

As hackers adjust to AI systems, human programmers will have to deploy new countermeasures. The cat and mouse game will continue, but AI forms a welcome reinforcement in the war to protect data.

This article originally appeared on VentureBeat. All rights reserved.