"We need to rethink what security looks like," CA Technologies chief technology officer Otto Berkes told iTWire.
"Security needs to be very dynamic, with a certain degree of intelligence."
Berkes envisages a situation where systems become more "self-aware" in the sense of being able to detect when they are under attack and taking steps to mitigate the situation.
Even if we did not want systems to respond autonomously, they could at least bring unusual events to human attention.
Such defences could draw on the wide range of available information. For example, an airline ticket in an executive's email account provides a clue about his or her whereabouts on a particular day – so any activity from that location would be less suspicious than at other times.
It's not quite that simple, as it would be fairly easy to send a fake airline ticket to the intended victim just ahead of an attack, but it does illustrate the type of data that could be used. The point is that such measures could work automatically in the background, without the continuing involvement of security experts.
Berkes predicts increased interest in and development of machine learning during the coming year, and the beginning of a wider deployment across more use cases.
It is "coming out of the labs and into practical applications" but "it's not going to be an overnight thing".