Essays Tagged "SecurityIntelligence"

Page 1 of 1

Machine Learning Will Transform How We Detect Software Vulnerabilities

  • Bruce Schneier
  • SecurityIntelligence
  • December 18, 2018

No one doubts that artificial intelligence (AI) and machine learning will transform cybersecurity. We just don’t know how, or when. While the literature generally focuses on the different uses of AI by attackers and defenders — and the resultant arms race between the two — I want to talk about software vulnerabilities.

All software contains bugs. The reason is basically economic: The market doesn’t want to pay for quality software. With a few exceptions, such as the space shuttle, the market prioritizes fast and cheap over good. The result is that any large modern software package contains hundreds or thousands of bugs…

Security Orchestration for an Uncertain World

  • Bruce Schneier
  • SecurityIntelligence
  • March 21, 2017

Last month at the RSA Conference, I saw a lot of companies selling security incident response automation. Their promise was to replace people with computers—sometimes with the addition of machine learning or other artificial intelligence (AI) techniques—and to respond to attacks at computer speeds.

While this is a laudable goal, there’s a fundamental problem with doing this in the short term. You can only automate what you’re certain about, and there is still an enormous amount of uncertainty in cybersecurity. Automation has its place in incident response, but the focus needs to be on making the people effective, not on replacing them—security orchestration, not automation…

Lessons From the Dyn DDoS Attack

  • Bruce Schneier
  • SecurityIntelligence
  • November 1, 2016

A week ago Friday, someone took down numerous popular websites in a massive distributed denial-of-service (DDoS) attack against the domain name provider Dyn. DDoS attacks are neither new nor sophisticated. The attacker sends a massive amount of traffic, causing the victim’s system to slow to a crawl and eventually crash. There are more or less clever variants, but basically, it’s a datapipe-size battle between attacker and victim. If the defender has a larger capacity to receive and process data, he or she will win. If the attacker can throw more data than the victim can process, he or she will win…

Sidebar photo of Bruce Schneier by Joe MacInnis.