The Future of Artificial intelligence and Cybersecurity
19 September 2018

The Future of Artificial intelligence and Cybersecurity

Artificial intelligence (AI) and machine learning (ML) can offer IT security professionals a way to enforce good cybersecurity practices and shrink the attack surface instead of constantly chasing after malicious activity.

While security as a percentage of IT spend continues to grow at a robust rate, the cost of security breaches is growing even faster.

Organizations are spending close to $100 billion on a dizzying array of security products. In fact, it is not uncommon for CISO organizations to have 30 to 40 security products in their environment. However, if you ask chief information security officers how they feel about their security risk, they will express concerns over being highly exposed and vulnerable.

AI will have a growing impact on cybersecurity technology as a supporting technology, not as a new product category.

Cybersecurity developers are innovating to bring AI-based cybersecurity products to market.

Palo Alto Networks introduced Magnifier, a behavioral analytics solution that uses structured and unstructured machine learning to model network behavior and improve threat detection.

Google’s parent company, Alphabet, announced Chronicle, a cybersecurity intelligence platform that throws massive amounts of storage, processing power, and advanced analytics at cybersecurity data to accelerate the search and discovery of needles in a rapidly growing haystack.

There is growing demand for AI-enhanced Cybersecurity solutions. According to ESG research, 12 percent of enterprises have already deployed AI-based security analytics extensively, and 27 percent have deployed AI-based security analytics on a limited basis. 

What’s Driving AI-based Cybersecurity Technology Adoption?

According to ESG research:

  • 29 percent want to use AI-based cybersecurity technology to accelerate incident detection. In many cases, this means doing a better job of curating, correlating, and enriching high-volume security alerts to piece together a cohesive incident detection story across disparate tools.
  • 27 percent want to use AI-based cybersecurity technology to accelerate incident response. This means improving operations, prioritizing the right incidents, and even automating remediation tasks.
  • 24 percent want to use AI-based cybersecurity technology to help their organization better identify and communicate risk to the business. In this case, AI is used to sort through mountains of software vulnerabilities, configuration errors, and threat intelligence to isolate high-risk situations that call for immediate attention.
  • 22 percent want to use AI-based cybersecurity technology to gain a better understanding of cybersecurity situational awareness. In other words, CISOs want AI in the mix to give them a unified view of security status across the network.

For each of these use cases, AI-based solutions provide incremental analytics clout to existing technologies. This in-tern drives greater efficacy and value.

The trend to augment Enterprise cybersecurity intelligence with AI happen in one of two ways: 

(1) In some cases, machine learning technologies are applied to existing security defenses as helper apps. For example, Bay Dynamics and Symantec have formed a partnership that applies Bay’s AI engine behind Symantec DLP to help reduce the noise associated with DLP alerts. Fortscale does similar things by back-ending endpoint detection and response (EDR), identity and access management (IAM), cloud access security brokers (CASB), etc.

(2) Alternatively, some AI-based solutions work on a stand-alone basis but are also tightly coupled with the various other technologies of a security operations and analytics platform architecture (SOAPA). Vectra Networks and E8 security are often integrated with SIEM and EDR. Kenna Security works hand in hand with vulnerability scanners. Splunk and Caspida are tightly integrated as are IBM QRadar and Watson, etc.

AI-Based Cybersecurity Solutions Are Here to Stay But Cybersecurity Professional AI Expertise is Lagging

There’s no doubt that AI-based security analytics are here to stay. ESG research indicates that only 30 percent of cybersecurity pros feel like they are very knowledgeable about AI / Machine Learning and its application to cybersecurity analytics. 

That means cybersecurity vendors that pitch AI concepts, algorithms, and data science capabilities have an educational barrier to cross to succeed.

Cybersecurity professionals want to enhance security efficacy, improve operational efficiency, and help deliver highly secure business-enabling IT initiatives. AI is slowly becoming a welcomed addition to their toolkit that helps them achieve important security goals.

In the future, AI could be a cybersecurity game-changer, and Cybersecurity Professionals should be open to this possibility and the impact of AI will only strengthen over the next decade.

Artificial Intelligence within Cyber Security