In this exclusive interview with, John Shier, Senior Security Advisor, Sophos, talks about the importance of marrying human interventions with Artificial Intelligence to ensure maximum security.

AI is gaining momentum at a rapid rate. And although it is helping businesses hasten their activities, security remains in question. What is your take on that?

AXIR Consulting

Artificial intelligence is the next tool in our toolbox to fight daily malware. Many malwarestill succeed, however, that is not entirely aligned with technology failing to interfere. Many times, we see that cybercriminals are focused more on exploiting the human rather than the software.

If someone receives an email and deliberately clicks on a link or runs a program, then the technology that’s attempting to prevent that from happening will detect the issue. But, unfortunately, if it’s a credential compromise, then that’s not something technology is meant to reduce unless there is a certain company in charge that deals with authentication. Thus, if users deliberately fill their credentials into a site then that’s exploiting the human rather than technology.

To which extent is human interference still compulsory where AI is adopted?

There is a definite mix of human and computer interaction. Humans are supposed to create the machine learning algorithms that will try to prevent malware from ending up on systems.

Whilst our training gets better with the machine learning, algorithms continuously tweak themselves as well as get tweaked by the humans to get better. Therefore, the human element is always needed because computers are only strong in detecting malware passwords, pictures,…. So, when a computer only accepts complex passwords, ‘Password1234!’ meets the complexity rule, however, a human can plainly see that that’s not a good password!

For that reason, even though machine learning will help to reduce the amount of volume that humans have to deal with, there will always be a need for humans to intervene.

With anyone capable of becoming a cybercriminal today, which path should cybersecurity take to avoid additional threats and crimes?

The increasing number of cyber threats can’t be avoided. However, being ready and protected against those attacks is all about coordinated defence. There are different features and different pieces of technology available today in security that can help to protect against different parts of the threat. That’s why we talk about layered and synchronized security.

Just like humans, security products are not perfect, they will fail from time to time to detect a threat. That’s why the layered approach is needed. If one layer misses a threat, the other layers are able to pick up the slack and provide some backup on any given threat. Moreover, the synchronization part requires different technologies to speak to each other in order to make better decisions.

What are the expected trends in the cybersecurity sector in the near future?

There’s still a lot of consolidation around determining that a security portfolio has all the tools that can be offered to customers to protect them at all these different layers. I think that will continue to happen as more security vendors realize that there are different avenues to protect a customer. They will start picking out the security technologies and security capabilities, and authentication is one of them. In some cases, authentication is part of that security landscape as well. When a continuous authentication is adopted versus a one-time authentication across all platforms, there will be more resilience against issues like financial theft.

Thus, I think we will see a continued move to the cloud, an increased penetration of machine learning across all different security products, in addition to other security companies looking at things like continuous authentication and other service products to add to their portfolios including the existing hardware and software.


Any final statement on security?

Security can be a difficult task to do right all the time; it is a shared responsibility. The more organizations attempting to do security adopt the right solutions, the better we’ll all be in the end. So if you take security to heart and do it right then we all benefit in the end.