{"id":6596,"date":"2017-02-13T06:21:28","date_gmt":"2017-02-13T14:21:28","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/02\/13\/news-415\/"},"modified":"2017-02-13T06:21:28","modified_gmt":"2017-02-13T14:21:28","slug":"news-415","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/02\/13\/news-415\/","title":{"rendered":"Tony Stark Has Jarvis. And Now IBM Has Havyn"},"content":{"rendered":"<p><strong>Credit to Author: Brian Barrett| Date: Mon, 13 Feb 2017 10:00:29 +0000<\/strong><\/p>\n<article class='content link-underline relative body-copy' data-js='content' itemprop=\"articleBody\" width=\"100%\" height=\"420\">\n<p>Last October, 11-year-old Evan Spisak wandered down to his father\u2019s basement workshop to help out on a weekend project, a time-honored tradition in homes across the country. But Evan\u2019s father, Mike, is an IBM master inventor. And what they came up with was no birdhouse or pinewood derby car. It was Havyn, a homegrown voice assistant that taps into IBM\u2019s enormous cybersecurity infrastructure, putting Watson\u2019s AI smarts at their literal beck and call.<\/p>\n<p>While Spisak likens his creation to Tony Stark\u2019s \u201cJarvis\u201d AI assistant, the shortest path to understanding its importance isn\u2019t though comics mythology. Think of Havyn, instead, as a highly specific analog to Amazon\u2019s Alexa voice assistant. Instead of connecting users to Spotify or online shopping carts, it helps fight cyberthreats. <\/p>\n<p>And while Havyn may have started as spare-time tinkering, a dozen analysts at IBM\u2019s X-Force Command Centers&#8212;the <em>G.I. Joe<\/em> name the company gives its security operations hubs&#8212;in Atlanta, Boulder, Poland, and Costa Rica are already testing it in the real world.<\/p>\n<p>Some fathers and sons bond over football. Some like to cook. Evan and Mike Spisak invented an interface that could help fundamentally improve how cybersecurity works.<\/p>\n<h3>Origin Story<\/h3>\n<p>The Havyn project started, appropriately enough, with a question.<\/p>\n<p>That fall weekend, Mike showed Evan IBM\u2019s \u201cSecurity Services Virtual Analyst,\u201d a fancy name for a Watson-based chatbot capable of fielding basic queries through the keyboard. As a kid growing up in the age of Siri might, Evan wondered why the need for all the typing.<\/p>\n<p>\u201cWhy can\u2019t you talk to it,\u201d Evan asked. As it turns out, you could. And with relative ease.<\/p>\n<p>The Spisaks bought a <a href=\"https:\/\/www.wired.com\/tag\/raspberry-pi\" target=\"_blank\">Raspberry Pi<\/a>&#8212;a $35 microcomputer&#8212;along with a 7-inch touchscreen interface that doesn\u2019t cost much more. He and Evan then raided Bluemix, IBM\u2019s cloud platform, for pre-existing \u201crecipes\u201d of code to give their experiment some basic functionality. That, along with some tinkering with specific dialog, was enough to get a generalized voice assistant up and running. Giving it cybersecurity bona fides was simply a matter of tapping into IBM\u2019s cloud-based cyber threat intelligence platform, X-Force Exchange. <\/p>\n<p>\u201cNow all of a sudden we were able to ask questions about cybersecurity, and get answers,\u201d says Spisak.<\/p>\n<figure id=\"attachment_2159378\" class=\"wp-caption landscape alignnone  relative\" data-js=\"fader\">\n<div class=\"ui-social-wrapper image absolute top right\">\n<ul class=\"no-marg\">\n<li><a class=\"fb clearfix no-underline no-outline\" onclick=\"window.open( 'https:\/\/www.facebook.com\/dialog\/feed?display=popup&#038;app_id=719405864858490&#038;link=https%3A%2F%2Fwww.wired.com%2F2017%2F02%2Fibm-havyn-cybersecurity%2F&#038;picture=https%3A%2F%2Fwww.wired.com%2Fwp-content%2Fuploads%2F2017%2F02%2FHavyn-Basement-Still-1.png&#038;redirect_uri=https%3A%2F%2Fwww.wired.com%2F2017%2F02%2Fibm-havyn-cybersecurity%2F' , 'Facebook' , 'height=580, width=730' )\"><i aria-hidden=\"true\" role=\"presentation\" class=\"ui ui-social-xtra-sm ui-fb-xtra-sm active bg-fb\"><\/i><\/a><\/li>\n<li><a  class=\"pint clearfix no-underline no-outline\" onclick=\"window.open( 'https:\/\/pinterest.com\/pin\/create\/button\/?url=https%3A%2F%2Fwww.wired.com%2F2017%2F02%2Fibm-havyn-cybersecurity%2F&#038;is_video=true&#038;media=https:\/\/www.wired.com\/wp-content\/uploads\/2017\/02\/Havyn-Basement-Still-1.png&#038;description=Tony%20Stark%20Has%20Jarvis.%20And%20Now%20IBM%20Has%20Havyn%20%7C%20Mike%20and%20Evan%20Spisak%20working%20with%20Havyn.%20%7C%20Credit%3AIBM%20%7C%20From%20WIRED.com' , 'Pinterest' , 'height=580, width=730' )\"><i aria-hidden=\"true\" role=\"presentation\" data-js=\"social\"  class=\"ui ui-social-xtra-sm ui-pint-xtra-sm active bg-pint\"><\/i><\/a><\/li>\n<\/ul><\/div>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.wired.com\/wp-content\/uploads\/2017\/02\/Havyn-Basement-Still-1-582x327.png\" alt=\"Mike and Evan Spisak working with Havyn.\" width=\"582\" height=\"327\" class=\"size-default-top-art wp-image-2159378\" \/><figcaption class=\"wp-caption-text link-underline\"><span class=\"marg-r-micro\">Mike and Evan Spisak working with Havyn.<\/span><span class=\"credit link-underline-sm\"><span aria-hidden=\"true\" class=\"ui ui ui-photo inline-block ui-credit relative opacity-6 marg-r-sm\"><\/span>IBM<\/span><\/figcaption><\/figure>\n<p>As the weeks went by, Spisak found himself talking with the new interface daily, asking both about general developments in cybersecurity, mostly centered on new threats that had surfaced. When the conversations became frequent enough to merit a formal moniker, father and son went to a baby-naming website for inspiration. They settled on Havyn, as in \u201csafe haven.\u201d<\/p>\n<p>\u201cWe took the \u2018y\u2019 spelling because it looked cool,\u201d says Spisak. <\/p>\n<p>Improvements continued as time allowed. Spisak hooked Havyn up to IBM BigFix, and endpoint security manager that can ascertain not just what cyberthreats exist, but whether any directly impact a given system. Eventually, Spisak gave Havyn an avatar inspired by Watson\u2019s original logo, because he \u201cfelt a little nutty talking to a computer.\u201d <\/p>\n<p>By the time Thanksgiving came around, Spisak felt confident enough in Hayvn&#8212;and optimistic enough about its real-world utility&#8212;that he started showing it off to his IBM colleagues. The consensus? Mike, and Evan, were onto something.<\/p>\n<h3>Cyber Assistant<\/h3>\n<p>Understanding why Havyn could be so transformative requires some clarifications of scale. <\/p>\n<p>First, it\u2019s best to think of Havyn as complementary to current cybersecurity workflows, rather than a wholesale replacement. Spisak likens its potential role to that of the elaborate second-screen experience offered by <em>The Walking Dead<\/em>\u2019s Story Sync interactive app. In either case&#8212;zombies or hackers&#8212;your main focus will always be on swatting away intruders. But if you want extra info along the way, it\u2019s available. <\/p>\n<p>\u201cThere\u2019s all kinds of things that our analysts do today, and some of them take a lot of time,\u201d says Spisak. Security personnel typically have to navigate multiple systems and contextualize mountains of data in real-time, a plate-spinning act under the best of circumstances. \u201cMaybe it\u2019ll be faster for them to just speak.\u201d<\/p>\n<p>In the same way it\u2019s easier to ask Alexa to set a kitchen timer when you\u2019re wrists-deep in raw chicken, analysts can offload a task to Havyn while they\u2019re engaged in some other typing-intensive mission. Or <em>lots<\/em> of tasks; Havyn is multithreaded, capable of fielding lots of queries all at once.<\/p>\n<p>Which gets us to the second dose of perspective that explains Havyn\u2019s potential worth. IBM research estimates that security teams have to deal with, on average, 200,000 individual events every single day. That\u2019s more than any human, or most teams of humans, can hope to process. <\/p>\n<p>That\u2019s a big reason <a href=\"https:\/\/www.wired.com\/2016\/05\/ibm-watson-cybercrime\/\" target=\"_blank\">IBM has trained Watson<\/a>, its <em>Jeopardy<\/em>-winning, cookbook-writing, all-knowing supercomputer, on cybersecurity over the last year or so. By reading all available cybersecurity literature and parsing every threat, Watson for Cybersecurity helps analysts minimize false positives, and know which of those 200,000 alerts merits specific attention. For all the flash and pomp around cognitive computing, <a href=\"https:\/\/www.wired.com\/2016\/12\/ibm-watson-for-cybersecurity-beta\/\" target=\"_blank\">Watson\u2019s main job, as it exits its beta<\/a> and enters the real world, is to save time.<\/p>\n<p>That\u2019s Havyn\u2019s aim as well. It doesn\u2019t understand cyber threats better than any of IBM\u2019s existing offerings, in the same way that Alexa doesn\u2019t understand the five-day forecast any better <a rel=\"nofollow\" href=\"https:\/\/www.amazon.com\/gp\/help\/customer\/display.html?nodeId=201549880\" target=\"_blank\">than AccuWeather<\/a>. <\/p>\n<p>\u201cThese are things analysts could be doing on their own, but it takes them five or eight minutes,\u201d says Justin Grant, director of strategy for IBM Managed Security Services, whose teams are running the Havyn beta. \u201cAnd when you have security alerts that never cease, just coming wave after wave after wave\u2026 As they\u2019re going through those alerts, to have somebody help you stay ahead is incredibly valuable in terms of speed and accuracy.\u201d<\/p>\n<h3>Learning Curve<\/h3>\n<p>If there\u2019s a caveat to all of this, it\u2019s that no one\u2019s sure exactly how useful Havyn might be. Or more specifically, it\u2019s still not clear exactly how analysts will use it. Then again, that\u2019s part of the fun.<\/p>\n<p>\u201cMy guess is we\u2019re going to see a lot of hybrid approach from our analysts,\u201d says Grant. \u201cA more complicated query they may just want to speak through\u2026 But a lot of quick interactions, once the data\u2019s up there, you just want to click to get to that next level.\u201d <\/p>\n<figure id=\"attachment_2158841\" class=\"wp-caption landscape alignnone  relative\" data-js=\"fader\">\n<div class=\"ui-social-wrapper image absolute top right\">\n<ul class=\"no-marg\">\n<li><a class=\"fb clearfix no-underline no-outline\" onclick=\"window.open( 'https:\/\/www.facebook.com\/dialog\/feed?display=popup&#038;app_id=719405864858490&#038;link=https%3A%2F%2Fwww.wired.com%2F2017%2F02%2Fibm-havyn-cybersecurity%2F&#038;picture=https%3A%2F%2Fwww.wired.com%2Fwp-content%2Fuploads%2F2017%2F02%2FHavyn-Still-3TA.jpg&#038;redirect_uri=https%3A%2F%2Fwww.wired.com%2F2017%2F02%2Fibm-havyn-cybersecurity%2F' , 'Facebook' , 'height=580, width=730' )\"><i aria-hidden=\"true\" role=\"presentation\" class=\"ui ui-social-xtra-sm ui-fb-xtra-sm active bg-fb\"><\/i><\/a><\/li>\n<li><a  class=\"pint clearfix no-underline no-outline\" onclick=\"window.open( 'https:\/\/pinterest.com\/pin\/create\/button\/?url=https%3A%2F%2Fwww.wired.com%2F2017%2F02%2Fibm-havyn-cybersecurity%2F&#038;is_video=true&#038;media=https:\/\/www.wired.com\/wp-content\/uploads\/2017\/02\/Havyn-Still-3TA.jpg&#038;description=Tony%20Stark%20Has%20Jarvis.%20And%20Now%20IBM%20Has%20Havyn%20%7C%20IBM%20%7C%20From%20WIRED.com' , 'Pinterest' , 'height=580, width=730' )\"><i aria-hidden=\"true\" role=\"presentation\" data-js=\"social\"  class=\"ui ui-social-xtra-sm ui-pint-xtra-sm active bg-pint\"><\/i><\/a><\/li>\n<\/ul><\/div>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.wired.com\/wp-content\/uploads\/2017\/02\/Havyn-Still-3TA-1024x768.jpg\" alt=\"Havyn-Still-3TA.jpg\" width=\"1024\" height=\"768\" class=\"size-large wp-image-2158841\" \/><figcaption class=\"wp-caption-text link-underline\"><span class=\"marg-r-micro\"><\/span><span class=\"credit link-underline-sm\"><span aria-hidden=\"true\" class=\"ui ui ui-photo inline-block ui-credit relative opacity-6 marg-r-sm no-caption\"><\/span>IBM<\/span><\/figcaption><\/figure>\n<p>And just as analysts will learn how best to work with Havyn, the Watson-powered voice assistant will be able to learn from its interactions as well. In existing demos, it primarily deals out high-level information, broad overviews of new cyber threats and which are most concerning. Eventually, it could not just respond, but anticipate.<\/p>\n<p>\u201cI have this vision of having an analyst rolling up their sleeve, saying they need to get to work, and Havyn saying \u2018I already know what you need,\u2019\u201d says Spisak.<\/p>\n<p>All that would sound lofty for the work of a dedicated research team, much less a father and son tinkering with a Raspberry Pi on the weekends. But consider how far Havyn come in just four months, and that there are already plans to expand the beta from a dozen IBM analysts to 50. Consider, too, that IBM has all the software it needs waiting in the wings, and the hardware investment is negligble. <\/p>\n<p>So yes, exactly how Havyn will change cybersecurity remains very much to be determined. That\u2019s not a knock against it, though. In fact, it\u2019s Havyn\u2019s greatest strength.<\/p>\n<p><iframe loading=\"lazy\"  src=\"https:\/\/www.youtube.com\/embed\/nVyqGKhLBcY?feature=oembed\" width=\"100%\" height=\"420\" frameborder=\"0\" ><\/iframe> <\/p>\n<p><a href=\"https:\/\/www.wired.com\/2017\/02\/ibm-havyn-cybersecurity\/\" target=\"bwo\" >https:\/\/www.wired.com\/category\/security\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Brian Barrett| Date: Mon, 13 Feb 2017 10:00:29 +0000<\/strong><\/p>\n<div class=\"rss_thumbnail\"><img decoding=\"async\" src=\"https:\/\/www.wired.com\/wp-content\/uploads\/2017\/02\/Havyn-Still-2HP-660x371.jpg\" alt=\"Tony Stark Has Jarvis. And Now IBM Has Havyn\" \/><\/div>\n<p>What started as a father and son weekend project could change how cybersecurity works. The post <a href=\"https:\/\/www.wired.com\/2017\/02\/ibm-havyn-cybersecurity\/\">Tony Stark Has Jarvis. And Now IBM Has Havyn<\/a> appeared first on <a href=\"https:\/\/www.wired.com\">WIRED<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10607],"tags":[4500,11311,11049,714,11312,11313],"class_list":["post-6596","post","type-post","status-publish","format-standard","hentry","category-security","category-wired","tag-cybersecurity","tag-havyn","tag-ibm","tag-security","tag-voice-assistants","tag-watson"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/6596","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=6596"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/6596\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=6596"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=6596"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=6596"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}