In the realm of artificial intelligence (AI) in cybersecurity, what truly matters are the outcomes. As the threat landscape undergoes transformations and generative AI becomes a tool for both defenders and attackers, assessing the efficacy of AI-based security solutions is paramount. BlackBerry, with its distinguished AI and machine learning (ML) patent portfolio, emerges as a leader, offering valuable insights into what works and why.

The Evolution of AI in Cybersecurity

The journey of AI and ML in cybersecurity traces back over a decade, with the development of CylancePROTECT® EPP, an endpoint protection platform by BlackBerry. Given the contemporary challenges posed by generative AI-driven novel malware attacks, BlackBerry’s commitment to predicting and preventing such threats has become more critical than ever. The recent BlackBerry Global Threat Intelligence Report highlighted a 13% surge in novel malware attacks, emphasizing the ongoing need for technological evolution.

BlackBerry’s data science and ML teams have dedicated efforts to enhance the performance of their predictive AI tools. Third-party tests confirm the effectiveness of Cylance ENDPOINT®, showcasing a remarkable 98.9% success rate in actively predicting malware behavior, even for new variants. This achievement is the culmination of a decade of innovation, experimentation, and evolution in AI techniques, including a shift to a composite training approach combining unsupervised, supervised, and active learning.

Temporal Advantage: A Crucial Dimension

While ML models are often evaluated based on size, parameters, and performance, their real-time detection and response capabilities hold paramount importance in cybersecurity. In the context of malware pre-execution protection, where threats must be thwarted before execution, the temporal aspect becomes crucial. Temporal resilience, measured by a model’s performance against both past and future attacks, is vital for effective threat detection.

The Temporal Predictive Advantage (TPA) metric assesses a model’s ability to perform over time, especially in detecting zero-day threats. BlackBerry Cylance’s model exhibits a strong temporal predictive advantage, maintaining high detection rates without frequent model updates. This resilience over time underscores the maturity and precision of the model, crucial for endpoints not always cloud-connected.

Mature AI Predicts and Prevents Future Evasive Threats

BlackBerry Cylance’s innovative ML model inference technology sets it apart. This technology can infer whether something is a threat, even in the absence of prior exposure, showcasing the model’s maturity and training precision. The unique hybrid method of distributed inference, conceptualized seven years ago, contributes to the model’s maturity, representing the pinnacle of innovation.

Predicting Malware: The Most Mature Cylance Model

Built on vast and diverse datasets, the latest Cylance model outshines its predecessors in performance, particularly in temporal predictive advantage. With over 500 million samples and billions of features evaluated, BlackBerry Cylance AI delivers outstanding results and operates with impressive speed for distributed inference.

In an era where adversaries increasingly leverage AI, prioritizing effective defensive cybersecurity measures is paramount. BlackBerry’s Cylance AI, with its multi-year predictive advantage, continues to protect businesses and governments globally from cyberattacks. Demonstrating outcomes that set it apart, Cylance AI stops 36% more malware, is 12 times faster, and incurs 20 times less overhead than the competition. Not all AI is created equal, and indeed, not all AI is Cylance AI.

By Impact Lab