Mr Gruber proves to be highly quotable and illustrates the design philosophy behind CyberSift in an impassioned but clear way. He starts off with introducing a concept he later calls “Humanistic AI”:
I think the purpose of AI is to empower humans with machine intelligence
This echoes internal discussions we have in CyberSift, when discussing how to approach the cybersecurity problem — except at CyberSift we call it “Intelligence Augmentation”, a term coined in 1956 by William Ross Ashby in his Introduction to Cybernetics. An image that we use time and time again to illustrate the difference between this concept and “Artificial Intelligence” as we’ve come to think of it today is the following:
The image pretty much sums up the difference: AI tends to be designed in such a way as to replace or substitute human work while IA enhances humans by layering situational awareness and response on top of already considerable human capabilities.
At mark 2:25 of the Ted talk, Mr Gruber brings up a good example of the use in AI in cancer diagnosis. He points out that AI had a good detection rate:
… which however still wasn’t as good as a human:
The interesting part is when the study combined humans and AI in a collaborative manner — the results outperformed those of humans or AI individually:
By combining the two, the AI reduced the human error rate by a massive 85%! Mr Gruber noted that while AI tended to have a higher rate of false positives than humans, it was more likely to catch tricky or difficult-to-spot cancers. So the human doctors acted as discriminators and helped reduce false positives while AI increased their efficacy by pointing out the more subtle cancers.
Mr Gruber then goes on to my favorite quote of the entire talk:
This is exactly what we are trying to do with CyberSift. As a security analyst and penetration tester myself, it was clear from the start that especially in the cybersecurity field, it will be very difficult for any AI to completely replace a human. After all — we’re up against intelligent, determined yet malicious humans.
We didn’t want to design a service that’s just a black box, siphoning data and attempting to do everything on it’s own. Instead, we wanted a service that is able to ingest data from tools you may already have deployed in your environment, enrich that data with context from threat intelligence feeds, and have our machine learning algorithms highlight that behavior, which was unusual in a way which allows security analysts to make decisions more effectively and efficiently. We wanted CyberSift to enable the often overworked SOC analysts to do their jobs quickly and more easily — resulting in a shorted detection and mitigation time, and cost savings for any business.
As Mr Gruber puts it towards the end of his talk — “Help us do what we want to do, only better.” — that’s what we aim to do at CyberSift.
Liked this article? ❤️ it!
CyberSift is only going to get better — with the help of clients and pilot sites. Interested in learning more? More info at https://www.cybersift.io/
David Vassallo is the CTO @ CyberSift.io
