ML tools can help identify phishing attempts, even sophisticated ones that might slip past regular filters, Riboldi says. “Over time, these systems get better,” he says. “This leads to fewer false alarms and more focus on actual threats. As not all security weaknesses are the same, machine learning can help prioritize those vulnerabilities that are a threat for the business.”
Emphasize the ‘learning’ part of ML
To be truly effective, models need to be retrained with new data to keep up with changing threat vectors and shifting cybercriminal behavior.
“Machine learning models get smarter with your help,” Riboldi says. “Make sure to have feedback loops. Letting analysts label events and adjust settings constantly improves their accuracy. Also, the data you give them is key. It needs to be good, secure, and come from different sources, like your computers, the cloud, login systems, etc.”
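A small illustration of the analyst feedback loop described above, added here as an example and not taken from the article or from Riboldi. The class name, the naive Bayes scoring and all sample messages are constructed assumptions standing in for whatever model and mail data a real deployment uses.

```python
import math
from collections import Counter

class FeedbackClassifier:
    """Toy naive Bayes filter that absorbs analyst verdicts one event at a time."""

    def __init__(self):
        self.tokens = {"phish": Counter(), "benign": Counter()}
        self.events = Counter()

    def learn(self, text, label):
        # Used for the initial training set and for every later analyst label.
        self.tokens[label].update(text.lower().split())
        self.events[label] += 1

    def phish_probability(self, text):
        vocab = len(set(self.tokens["phish"]) | set(self.tokens["benign"]))
        score = {}
        for label in ("phish", "benign"):
            total = sum(self.tokens[label].values())
            # Laplace smoothing: unseen tokens lower the score but never zero it.
            s = math.log((self.events[label] + 1) / (sum(self.events.values()) + 2))
            for tok in text.lower().split():
                s += math.log((self.tokens[label][tok] + 1) / (total + vocab + 1))
            score[label] = s
        return 1 / (1 + math.exp(score["benign"] - score["phish"]))

# Constructed sample messages, not real mail.
TRAINING = [
    ("verify your account password now", "phish"),
    ("urgent password reset click here", "phish"),
    ("meeting notes attached for review", "benign"),
    ("lunch schedule for the team", "benign"),
]
HELPDESK_MAIL = "password reset instructions from the it helpdesk"
REAL_PHISH = "urgent verify your password now"

def run_feedback_loop():
    model = FeedbackClassifier()
    for text, label in TRAINING:
        model.learn(text, label)
    before = model.phish_probability(HELPDESK_MAIL)  # false alarm on legitimate mail
    model.learn(HELPDESK_MAIL, "benign")             # analyst marks the alert benign
    after = model.phish_probability(HELPDESK_MAIL)
    return before, after, model.phish_probability(REAL_PHISH)

if __name__ == "__main__":
    print(run_feedback_loop())
```

One analyst label is enough here to stop the helpdesk message from being flagged while the constructed phishing message still scores high.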