The National Institute of Standards and Technology has partnered with IBM to leverage an artificial intelligence system to rate the severity of publicly reported cyber vulnerabilities, Nextgov reported Friday.
Matthew Scholl, head of NIST’s computer security division, said the institute expects IBM’s Watson AI system to give risk scores to most public computer bugs by October 2019 to free up human analysts to focus on novel and complex vulnerabilities.
Scholl told reporters that NIST’s move is based on the results of a pilot program of Watson earlier this year that looked at hundreds of thousands of scores assigned by NIST analysts using the Common Vulnerability Scoring System.
He noted that a NIST analyst will assess and edit the score if the Watson system brings out a confidence percentage that is below the high 90-threshold for each CVSS score.
NIST’s chief information officer will facilitate the integration of the Watson scoring system with other platforms before going live, Scholl added.