Security analysts at IBM X-Force Command Centers are now using Watson. (Credit: John Mottern/Feature Photo Service for IBM)
IBM keeps doubling down on Watson, the company’s heavily-marketed cognitive software that has won Jeopardy! and reportedly helped find treatments for patients with cancer. Now IBM’s putting Watson onto the case in the cyber security field.
Watson for Cyber Security, announced by IBM on Monday, takes the same core capabilities of Watson—the ability to read millions of documents and terabytes of information to derive insights a human might not spot—and puts them into a security operations center. With security officers at large corporations sometimes scanning several hundreds of thousands of events happening over their networks each day, IBM says it can add another line of defense by proactively helping to spot breaches and hacking attempts that might slip through unnoticed, then making suggestions on the best response.
“This is breaking new ground,” says Mark van Zadelhoff, general manager of IBM Security. “Watson for Cyber Security will let customers very quickly go through these events and be more accurate.”
The cyber security software was in use by 50 of IBM’s customers before its release and will now be available in the company’s online app exchange for a free trial, then billed as a premium software offering. Large corporations are the most natural sales target, but the product could make sense for companies as small as 100 people, says van Zadelhoff. Industries represented by customers so far include financial services and healthcare but also airlines and automakers, IBM says.
One customer that van Zadelhoff couldn’t name for privacy reasons tested Watson head-to-head with its normal methods recently and discovered attacks on 34 of the company’s laptops linked to a new strand of malware, the IBM executive says. To the security analyst without Watson’s data, the results had looked like a false positive.
Like other machine learning tools, Watson for Cyber Security learns as it goes, ingesting customer feedback and the results it finds to get better the next time. The company spent the past few months training the software to have a large enough knowledge base to handle a wide range of customers and potential vulnerabilities. “When you think of back-door vulnerabilities and viruses such as Heartbleed, it had to know what that is,” says van Zadelhoff.
IBM will hope that cyber security can prove a major source of new customers for its Watson unit following its push into healthcare as the company continues to position itself as a company focused on the cloud, artificial intelligence and cognitive software and less on its long-declining hardware and services businesses. Watson has been at the core of the company’s “strategic imperatives” set under CEO Ginni Rometty of cloud, mobile and analytics that contributed $32.8 billion in revenue for full-year 2016.
IBM Watson continues to grow its business as a core part of IBM’s Cognitive Solutions group, which increased revenue 1.4% last quarter, but analysts (and likely management) will want to see the unit continue to take on more of a share of the company’s overall business.
The company also hopes that President Donald Trump’s administration will prove a favorable one in which to do new business. Rometty sits on Trump’s business advisory council and wrote an open letter to Trump following his election. IBM’s public statement on Trump’s controversial executive order on immigration did not take a public stand for or against its policies. Earlier on Monday, Rometty sent an email to IBM’s many thousands of employees to defend her participation in the council and assert that IBM “does not espouse a partisan or political point of view.”
Cyber security, meanwhile, has been a focus for Trump and his administration. Trump named former New York City mayor Rudolph Giuliani an adviser on the issue in January; a widely-expected executive order on cyber security has yet to be signed.