Ask an MSP ExpertQ: AI is growing in popularity. How can my 10-employee MSP best leverage AI in day-to-day business? Could directly investing in more AI save me from having to increase my number of staff? 

Don’t put away your human resources hat just yet; artificial intelligence (AI) won’t be replacing the need for humans any time soon. Where AI can help is in freeing up technicians to perform other tasks that might be bogging them down. We’ve said before that the most valuable resource MSPs have is time, and AI can help save it in spades.

Consider, for instance, “false alarms.” We know MSPs often have to scramble to check on intrusions that turn out to be nothing. Sometimes these breaches can be monitored remotely, other times it involves a costly trip to a client’s site. The promise of AI can help alleviate that.

We caught up with Marten van Dijk, computer engineering professor at the University of Connecticut’s School of Engineering, to ask about the role of AI. Van Dijk has been involved in many studies concerning the role of AI in security and system integrity.

“Any Intrusion Detection System (IDS) faces the problem of false negatives — when an attack is missed — and false positives. False positives occur when an attack is reported, when it’s actually a false alarm. In the case of an alarm, a human technician still may need up to 20 minutes to find out whether the IDS is correct or not,” details van Dijk.

These unnecessary service calls can create an incredible drain on technician time. False alarms in networks are not much different from someone pulling a fire alarm at a school. It still has to be evacuated and personnel needs to be deployed to ensure everyone is safe.

Investing in AI-driven technology that can help differentiate between actual and error could prove to be a boon to MSPs looking to save time from chasing non-existent attacks. 

“But this will never make security technicians obsolete,” says van Dijk.

AI gives your MSP more time for client care

What an MSP can and should do is invest in AI-infused security services, firewalls, and continuous back-up tools. Still, as hot as AI is, it’s HI – human intelligence – that remains the most important tool, according to van Dijk.

“It is very important to educate employees on security threats. They need to understand how surfing on the internet, clicking links, and opening files can be dangerous. Employees also often have their own devices hooked up to the business’ infrastructure. This should be carefully thought through,” advises van Dijk.

Other ways MSPs can leverage AI is in detecting not just intrusions, but also malicious behavior. Van Dijk’s team has been working on ways to improve AI learning approaches that continuously improve at proper detection.

Another asset of AI is that it can be used to analyze specific security primitives by playing the “bad guy.” This is a form of virtual role-playing where AI can simulate bad actors. 

“We introduced a new circuit-based, so-called Physical Unclonable Function with a security analysis, showing that it withstands all known current-state-of-the-art machine learning attacks,” explains van Dijk.

Bad guys keep pace with AI to create an arms-race

“We want to do computations securely, but an attacker can often exploit interaction with computations. To find these exploits, an attacker can be helped by machine learning,” describes van Dijk.

He adds that the “defender” should do the same to repair vulnerabilities. The arms race then continues in an intense cycle. For the moment, there are limits.

“Security primitives and crypto protocols ought to rely on the difficulty of solving certain computer science or mathematics problems. We know these problems are hard — even the absolute brightest among us cannot efficiently solve such problems. We also know that an adversary with machine learning capability cannot break such primitives and protocols,” states van Dijk.

For the moment, there are limits to AI. Humans are still very much needed, as they remain the most critical component of good cybersecurity plan.

“In my opinion, the best investment is to educate the whole team on how human behavior can start a cyber-attack,” offers van Dijk.

Photo: issaro prakalung / Shutterstock

Kevin Williams

Posted by Kevin Williams

Kevin Williams is a journalist based in Ohio. Williams has written for a variety of publications including the Washington Post, New York Times, USA Today, Wall Street Journal, National Geographic and others. He first wrote about the online world in its nascent stages for the now defunct “Online Access” Magazine in the mid-90s.

Leave a reply

Your email address will not be published. Required fields are marked *