Challenges of Developing Computer Vision for Cyber Security

Considering developing Computer Vision for Cyber Security in-house?

There is a very good reason why companies in the phishing detection and threat hunting industry, like Mimecast and Cofense are turning to computer vision to enhance their cyber security offerings. Attempting to flag potential cyber threats without the assistance of AI has simply become an impossible task. In some cases, it is a matter of fighting AI with AI, but the application of computer vision has specific benefits such as being able to spot attempts to evade detection using visual elements. It is, quite frankly, an essential attribute for any effective cyber security software. 

If you are researching computer vision for cyber security software, you may already be aware that you have two options: you can develop it in-house, or you can work with a third party API provider. Of course, as with the development of an application, there are some challenges to developing computer vision yourself.

Expertise

Computer vision requires expert knowledge and experience to develop effectively. Unless you already have a team of people who are specialists in Visual-AI and understand the very specific challenges involved in building models for visual analysis that can work at a massive scale, you will need to spend time and money building a team of experts to carry out the work. 
As the skills involved in the development of computer vision are so specialized and in such high demand, there is effectively an “AI Talent War”. On average, it takes 25 days to hire in the business services industry, but when it comes to building a computer vision stack it can take months.

Accuracy

When analyzing structured data, issues around interpretation do not exist. A ‘1’ is a ‘1’, and ‘A’ is an ‘A’. But when examining a graphic, where logos and text are burnt into it, correct identification and interpretation are far more tricky and that gets represented by terms like ‘precision’ and ‘recall’. Driving these two stats to as close to 100% is the holy grail – but that’s no easy task.

In a sector where every percentage point increase in detections could stop a multi-million dollar compromise, an 80% precision factor pales into insignificance compared to a solution that can deliver 95%+ precision.

Testing and training

Computer Vision is not a “build-it-and-run-it” technology. It takes months, and in some cases more than a year, to build an effective, accurate AI solution and train it based on countless data points. It also takes a lot of time to test and fine-tune the programme before it is implemented. All this time delay slows down your ability to deploy this technology in the field. This not only means that you lag behind competitors but also leaves users open to increasing levels of threat. 

Updates

Computer Vision is a technology in constant development. Additionally, cybersecurity is an industry that faces new threats almost every day.

As with all technology related to cyber security, it’s important to ensure that computer vision is continually updated throughout the year, programming it to flag new attack vectors and to ensure it continues to run smoothly and accurately.

So, should you buy or DIY your AI?

Of course, there are advantages to DIYing for those who do have the expertise and can scale up and maintain a computer vision stack. But for most, outsourcing your Visual-AI, much like you would your CRM or accounting system, not only cuts down on the costs and time associated with recruiting and inducting a whole new team, but you’re bringing dedicated experts to the challenge. Additionally, an API can be adapted for your needs, tested, trained, implemented and kept up to date by a team that has already built the framework and collected necessary data. Furthermore, you’ll receive personal support from the team that built it. 

To learn more about the pros and cons of DIY vs Buy, listen to our podcast on the subject below.