AI Security in Higher Ed

Mar 30 2020

3 Ways Artificial Intelligence Can Improve Campus Cybersecurity

While there’s no replacement for the human factor in security, universities can benefit from the amplification and efficiency AI brings to cyberdefense.

With malicious actors engaging in sneakier, more sophisticated AI-fueled cyberattacks, today’s organizational security teams also find themselves turning to AI-oriented security tools as an extra line of defense and vulnerability management.

Colleges and universities make alluring targets, particularly those with healthcare systems attached or engaged in sensitive research.

“We have a huge amount of information,” says Dan Basile, CISO for the RELLIS Campus of Texas A&M University, which started using AI tools for cybersecurity six years ago.

An academic medical center might include multiple hospitals, healthcare clinics and classified research projects, not to mention personal information on faculty, staff, students and patients. Then you have places like Texas A&M, which also houses military research and testing sites. 

“All of this information is something our foreign adversaries would like to get their hands on,” says Basile, who is also director of statewide cybersecurity services for the university.

It’s not just the wealth of sensitive data that places higher education institutions at greater risk. Higher ed also tends to be stretched thinner than other industries in terms of vulnerability management and other cybersecurity resources. Higher ed institutions typically lack the capacity to focus on everything they need to, especially given the threat level to student data, says Keith Rajecki, vice president of the public sector, education and research industry solutions group at Oracle

“By leveraging AI and machine learning,” Rajecki says, “they’re able to automate a lot of detection, prevention, patching and administration that are necessary to keep their environment secure with far fewer staff resources.” 

Here are three things AI can do for universities and colleges.

1. Leverage Security Analytics to Speed Up Threat Surveillance

AI is a necessary tool for higher education institutions because of the sheer size of their networks, and the speed at which bad actors can launch AI-based cyberattacks, says Von Welch, executive director for cybersecurity innovation at Indiana University and director of IU’s Center for Applied Cybersecurity Research.

“It’s critical to have faster and faster responses, in the middle of the night, on holidays and in general,” he says. Higher education CISOs, he continues, need ways to “take care of the background noise of these threats as quickly and at scale as possible.”

That’s why the University of Tennessee Health Science Center started using CB ThreatSight, a managed threat hunting service from VMware Carbon Black. The tool gave them “a whole set of eyes looking over everything,” according to a recent case study published by Ammar Ammar, University of Tennessee Health Science Center IT security analyst. “We recently had an outbreak of weaponized documents,” Ammar said in the case study. “CB ThreatSight immediately identified the issue, and we were able to block them from coming through on the exchange.”

AI-oriented vulnerability management capabilities will only keep improving, says Chris Wessells, senior higher education strategist at Dell Technologies, which worked with the University of Tennessee on this solution. 

“In the future, we’ll see much more active prevention and detection happening within core aggregation groups around the world,” Wessells says. That includes identifying threats from known active adversaries and training AI to detect them. 

More from EdTech: A 5-Year Vision for Artificial Intelligence in Higher Education

2. Use Deep Learning in Cybersecurity to Bolster Vulnerability Management 

As networks grow, so does the number and magnitude of the threats they face, along with the speed in which those threats move. This is another burden AI takes on, says Mike Spisak, CTO of security for IBM Garage, an innovation consultancy within IBM. AI, Spisak says, can “speed up the ability to respond to vulnerabilities and threats.”

Because AI constantly learns and evolves, its capacity for vulnerability management improves the longer it’s in place. “As it responds to things in a positive way, that feedback is fed into the system,” Spisak says. “It grows and gets better over time.” 

AI will not replace analysts looking for threats, but it can help to identify AI cyber attacks faster so that they can “make better, more informed decisions about vulnerabilities as they happen,” Spisak concludes.

3. Maximize AI to Detect Network Security Cyberattacks

Because of the noise-to-signal ratio, network security is particularly challenging for colleges and universities, says Kayne McGladrey, CISO and CIO of Pensar Development and member of the technology industry group IEEE

“Every university has a whole crop of new individuals who come into the organization on an annual or quarterly basis,” McGladrey explains. With such a frequent influx of new arrivals bringing their own devices and computers, it’s essentially impossible for university IT teams to control the sheer number of new endpoints. 

AI can identify networking traffic, assess what “normal” looks like on a university network and do it at a larger scale that humans can accomplish. Thus, if a “faculty member normally arrives at 8 a.m., does work until 7 p.m. and then maybe logs on to her email at 9 p.m., you wouldn’t expect that individual to be up at 3 a.m. connecting from China. AI can monitor those patterns of normalcy,” he says.

Sam Edwards/OJO Images/Getty Images