IBM Adds Voice Help to Cybercrime-Fighting Watson-Powered Weaponry

  • By Dian Schaffhauser
  • 02/13/17

IBM Watson-powered cognitive security operations center. (Credit: IBM)

Remember the scene when the Avengers are in the process of breaking into a Hydra base in "Avengers: Age of Ultron," and virtual assistant Jarvis informs Tony Stark, "The central building is protected by some kind of energy shield. Strucker's technology is well beyond any other Hydra base we've taken"? That really isn't much different from a security analyst making the announcement to his on-campus CISO that a dorm of students has been hit by Locky malware. However, in a vision hinted at by IBM as it officially announced the availability of Watson for Cyber Security, one crucial addition would be extra help so that everybody on the security team would know exactly how to respond to the new threat.

The new Watson security technology is being integrated into IBM's new cognitive security operations center (SOC) platform, which combines the cognitive abilities of Watson with on-the-ground security operations to help cybersecurity teams detect and fight threats across endpoints, networks, users and the cloud.

Several components come into play. IBM QRadar Advisor with Watson is a new app that taps into Watson's "corpus" of cybersecurity data, both structured and unstructured, and then correlates it with local security incidents to augment investigations. Based on the information the app gathers, it formulates a threat query to deliver to Watson for additional processing. The advisor program is available in the IBM Security App Exchange.

Among the users of QRadar Advisor is the University of Brunswick, which was one of eight institutions chosen last year by IBM to help the company adapt Watson for use in cybersecurity work. Computer science students at that time were enlisted to help Watson consume and process massive amounts of cybersecurity data, including two decades of security research, details on eight million spam and phishing attacks and more than 100,000 documented vulnerabilities. Now UNB, along with California State Polytechnic University, Pomona and other organizations, is testing Watson's ability to aid in directly fighting cybercrime.

IBM is also pushing its Global X-Force Command Center work, which sets up managed service "war rooms" for staying on top of cyber threats. Those operations can be on-premise or hosted by IBM and run through the cloud. As part of that line, the company introduced a Watson-powered chatbot, which it uses to interact with its customers. According to the company, clients may ask Watson questions via instant messaging about their security posture or network configurations or execute commands, such as reassigning a ticket to a new support person.

Now it has also begun testing additional technology, code-named "Havyn" (for "haven"), which provides a voice-powered security assistant, a la Jarvis. Havyn was created by IBM "master inventor" Michael Spisak, who worked on the tool with his 11-year-old son. Spisak had been chatting with Watson through the keyboard when his son asked how come he couldn't just talk to Watson. Experimentation with a low-cost Raspberry Pi microcomputer and equally inexpensive 7-inch touchscreen lead to the development of the voice operation, which allowed Spisak to ask the system verbal questions about cybersecurity. Now it's being tested in the field to provide security analysts with updates on new threats that have appeared, along with recommended remediation steps.

The company has also introduced BigFix Detect, a new endpoint detection and response (EDR) program.

"The Cognitive SOC is now a reality for clients looking to find an advantage against the growing legions of cybercriminals and next generation threats," said Denis Kennelly, vice president of development and technology in the security division, in a prepared statement. "Our investments in Watson for Cybersecurity have given birth to several innovations in just under a year. Combining the unique abilities of man and machine intelligence will be critical to the next stage in the fight against advanced cybercrime."

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • an online form with checkboxes, a shield icon for security, and a lock symbol for privacy, set against a clean, monochromatic background

    Educause HECVAT Vendor Assessment Tool Gets an Upgrade

    Educause has announced HECVAT 4, the latest update to its Higher Education Community Vendor Assessment Toolkit.

  • illustration of a football stadium with helmet on the left and laptop with ed tech icons on the right

    The 2025 NFL Draft and Ed Tech Selection: A Strategic Parallel

    In the fast-evolving landscape of collegiate football, the NFL, and higher education, one might not immediately draw connections between the 2025 NFL Draft and the selection of proper educational technology for a college campus. However, upon closer examination, both processes share striking similarities: a rigorous assessment of needs, long-term strategic impact, talent or tool evaluation, financial considerations, and adaptability to a dynamic future.

  • university building surrounded by icons for AI, checklists, and data governance

    Improving AI Governance for Stronger University Compliance and Innovation

    AI can generate valuable insights for higher education institutions and it can be used to enhance the teaching process itself. The caveat is that this can only be achieved when universities adopt a strategic and proactive set of data and process management policies for their use of AI.

  • DeepSeek on AWS

    AWS Offers DeepSeek-R1 as Fully Managed Serverless Model, Recommends Guardrails

    Amazon Web Services (AWS) has announced the availability of DeepSeek-R1 as a fully managed serverless AI model, enabling developers to build and deploy it without having to manage the underlying infrastructure.