Sophos’ Small-Scale Solutions: Smart AI Shrinks Cybersecurity Challenges
Large language models have recently dominated discussions around artificial intelligence (AI). However, cybersecurity firm Sophos has developed smaller, faster AI models that show promising performance in the field. To enhance these compact models, Sophos has employed three key techniques.
Firstly, through a semi-supervised approach, data in large models that have not been previously identified for learning is marked, and the small models then learn from this labeled data. Secondly, knowledge distillation transfers knowledge from large models to the small ones, boosting their performance without the complexities of deploying large-scale models. Lastly, synthetic data generation involves large models artificially creating examples to further train the small models.
Sophos reports that these smaller models are increasingly capable of performing with accuracy comparable to large language models. They are also more cost-effective and easier to operate on computers or cloud systems.
Research indicates that small models can effectively address cybersecurity risks in specific tasks, sometimes outperforming larger language models. On the other hand, running large language models incurs significantly higher costs.
Sophos emphasizes, “Generative AI is not required in many areas of cybersecurity. Instead, problems can be solved through classification using small models.” Examples include identifying malicious websites, detecting viruses in emails, and flagging risky files. Additionally, many security co-pilot tasks—such as monitoring alerts and prioritizing issues for resolution—can be successfully handled by small models.
