Data has never been more valuable. It is the lifeblood of the modern business and, at the same time, it is increasingly vulnerable to attack. The growing use of hybrid cloud and remote working means bad actors have a larger attack surface than ever before. The result? A rapidly evolving threat landscape that is increasingly difficult to control.
In addition to growing attack avenues, managing increasing volumes of information creates data overloads, putting additional pressure on an ever-increasing workforce. Add to that new applications and IT infrastructure, as well as a skills shortage, and the situation starts to look problematic. It’s no surprise, then, that security often lags behind where it needs to be to be effective in today’s digital world.
All of this means that it has never been more critical for IT leaders to quickly find ways to bring together a disparate number of elements behind a unified set of defenses. Fortunately, this is a goal that is increasingly being achieved through the implementation of next-generation AI tools, and IT managers can use this technology to anticipate potential attacks.
A complex security landscape
The need for organizations to more effectively monitor their IT security infrastructure, combined with the need to make sense of their growing volumes of data, requires a high degree of expertise and significant time. This can cause organizations and IT managers to feel like they are behind against their attackers. Additionally, this very diverse environment calls for many different security methodologies. For example, securing your endpoints is very different from securing an S3 bucket in the cloud. Enter AI.
Traditional AI is very effective at classification. It is therefore particularly useful for filtering and sorting events in a diverse IT environment. There are always activities that could be “bad”, but 80% of them are likely to be harmless. However, the possibility of malicious activity still exists. No one wants to miss an attack or data issue, risking everything being considered important. Fortunately, AI is excellent at categorizing events from high to low priority, ensuring that action and efforts can be diverted to where they are most urgent.
With the introduction of generative AI, there is a second defensive opening. It is possible to make a real impact on the current skills shortage through the use of natural language processing (NLP). By translating security alerts into plain English, security teams receive clear, immediately actionable notifications.
Financial pressures or rapid action
Of course, security teams don’t want to be an obstacle for organizations, and they certainly don’t want to hinder business development plans. The fundamental question facing security leaders and their teams is: “How can I act faster?” » To achieve this, they must be able to extract information from their IT environment quickly and accurately. Only then can they better defend themselves against attacks.
Unfortunately, security teams are not immune to what is happening in the broader economic environment. There is pressure to do more without access to significant additional resources. As a result, they must streamline their operations and become more efficient, which is particularly challenging due to the growing attack surface and resulting threat level.
AI-powered security tools offer a path forward to help alleviate some of this pressure, and more than half of executives (52%) already recognize that AI will help them better allocate resources, abilities or skills. There is, however, an obstacle to overcome. Overall, security professionals do not inherently trust IT, and AI results are no different. Questions will be asked about the validity of the data provided and the source of their information. Without transparency building trust can be difficult, which is why openness must be at the center of any AI implementation.
Assembling the most appropriate set of AI-based tools is not a one-time task; the ingenuity of bad actors will see to that. By 2025, AI security budgets are expected to be 116% higher than in 2021, as businesses plan for the future while securing the present, quickly and efficiently. Choosing the right technology partner will be the cornerstone of this strategy. Cybercriminals only need to get lucky once, but your defenses need to be up to snuff at all times.
Christopher Meenan is vice president of security product management at IBM
