Skip to content Skip to navigation

IBM Applying Watson Cognitive Technology to Cybersecurity

May 11, 2016
by Heather Landi
| Reprints
Click To View Gallery

IBM’s artificial intelligence platform Watson has won Jeopardy! and has been applied to transforming healthcare, and its now being trained to tackle cybercrime.

IBM Security announced a year-long research project to train Watson’s cognitive computing capabilities to stop hackers as part of the development of the cloud-based Watson for Cyber Security technology.

Watson for Cyber Security is a new cloud-based version of the company's cognitive technology that’s trained on the language of security, according to an IBM Security press release. But before Watson can help combat cybercrime, the computing system has to learn how cyber security works.

As part of the year-long research project, IBM is collaborating with eight universities to “greatly expand the collection of security data IBM has trained the cognitive system with.”

“Watson is learning the nuances of security research findings and discovering patterns and evidence of hidden cyber attacks and threats that could otherwise be missed,” the company stated.

Starting this fall, IBM will work with a number of universities and their students to further train Watson on the language of cybersecurity, including: California State Polytechnic University, Pomona; Pennsylvania State University; Massachusetts Institute of Technology; New York University; the University of Maryland, Baltimore County (UMBC); the University of New Brunswick; the University of Ottawa and the University of Waterloo.

“IBM efforts are designed to improve security analysts’ capabilities using cognitive systems that automate the connections between data, emerging threats and remediation strategies. IBM intends to begin beta production deployments that take advantage of IBM Watson for Cyber Security later this year,” the company stated in the press release.

For the development of Watson for Cyber Security, IBM will use its X-Force research library as an essential resource. “This body of knowledge includes 20 years of security research, details on 8 million spam and phishing attacks and over 100,000 documented vulnerabilities,” according to IBM.

“The volume of security data presented to analysts is staggering. The average organization sees over 200,000 pieces of security event data per day with enterprises spending $1.3 million a year dealing with false positives alone, wasting nearly 21,000 hours. Couple this with 75,000-plus known software vulnerabilities reported in the National Vulnerability Database, 10,000 security research papers published each year and over 60,000 security blogs published each month—and security analysts are severely challenged to move with informed speed,” IBM stated.

Designed on the IBM Cloud, Watson for Cyber Security will be designed to offer cognition of security data at scale using Watson's ability to reason and learn from “unstructured data”—80 percent of all data on the internet that traditional security tools cannot process, including blogs, articles, videos, reports, alerts, and other information. Watson for Cyber Security also uses natural language processing to understand the vague and imprecise nature of human language in unstructured data, the company said.

Watson for Cyber Security is designed to provide insights into emerging threats, as well as recommendations on how to stop them, increasing the speed and capabilities of security professionals.

“Even if the industry was able to fill the estimated 1.5 million open cyber security jobs by 2020, we’d still have a skills crisis in security,” Marc van Zadelhoff, general manager, IBM Security, said in a statement. “The volume and velocity of data in security is one of our greatest challenges in dealing with cybercrime. By leveraging Watson’s ability to bring context to staggering amounts of unstructured data, impossible for people alone to process, we will bring new insights, recommendations, and knowledge to security professionals, bringing greater speed and precision to the most advanced cybersecurity analysts, and providing novice analysts with on-the-job training.”




Healthcare Industry Organizations Collaborating to Improve Integration between CPT codes and SNOMED CT

The American Medical Association and the International Health Terminology Standards Development Organisation are working together, through a collaborative agreement, to create better integration between their proprietary code sets in support of interoperability and healthcare data analytics.

Vocera to Acquire Extension Healthcare for $55M

Vocera Communications, the San Jose, Calif.-based healthcare communications company, has announced that it has acquired Extension Healthcare for approximately $55 million in an all-cash transaction.

Reports: Issues Arise in 21st Century Cures Act; Delay Possible

The 21st Century Cures Act could be in danger of not passing this year following a statement from a coalition of liberal groups calling into question the bill’s ability to address high drug prices.

ONC National Coordinator Gets Live Look at Carequality Data Exchange

Officials from Carequality have stated that there are now more than 150,000 clinicians across 11,000 clinics and 500 hospitals live on its network. These participants are also able to share health data records with one another, regardless of technology vendor.

American Red Cross, Teladoc to Provide Telehealth Services to Disaster Victims

The American Red Cross announced a partnership with Teladoc to deliver remote medical care to communities in the United States that are significantly affected by disasters.

Report: The Business of Cybercrime in Healthcare is Growing

While stolen financial data still has a higher market value than stolen medical records, as financial data can be monetized faster, there are indications that there is ongoing development of a market for stolen medical data, according to an Intel Security McAfee Labs report.