Security teams are overwhelmed as cyber threats increase. Cyber attacks continue, despite the plethora of solutions available. No single company is able to meet this challenge by themselves.
Pradeep Vasudevan, Country Leader, Security Software, IBM India / South Asia, adds some perspective to this. Excerpts from an interview:
DQ: What are your views on the evolution of intelligent security solutions and what is driving this trend?
Pradeep Vasudevan: Today, amidst the pressure of various micro and macroeconomic factors, technology leaders are being compelled to reevaluate their IT strategies to balance digital transformation and deliver value to stakeholders. Rampant cloud adoption, digital transformation and the explosion of hybrid work have expanded organizations’ digital footprint and distributed attack surfaces, as more assets are being added to the companies’ networks. Further, with AI disrupting the digital landscape, it has become imperative for organizations to establish a preventative, proactive security posture to safeguard themselves.
Globally, security teams are overwhelmed, under-resourced, and under a microscope as threats increase and regulatory requirements tighten. The recently introduced Digital Personal Data Protection Bill 2023 also encourages organizations to invest in building robust cybersecurity capabilities for threat detection, response and reporting.
It is becoming evident that time is the new currency of cybersecurity – organizations need to invest wisely in speed. To empower enterprises, organizations such as IBM are expanding their security products and services by infusing them with dynamic AI and automation capabilities.
IBM’s cognitive security solutions combine the strengths of AI and human intelligence. For example, the IBM Security QRadar Suite, with AI-Powered Alert Triage, Automated Threat Investigation, and Accelerated Threat Hunting can help businesses accelerate response times using comprehensive, near-real-time analytics to intelligently identify and tackle risks.
DQ: What role does security AI and automation play in threat detection and mitigation in today’s digital landscape?
Pradeep Vasudevan: As the findings in the Cost of a Data Breach Report 2023 show, security AI and automation have the biggest impact on an organization’s ability to accelerate the identification and containment process for a breach. In fact, Indian companies with extensive use of AI and automation experienced a data breach lifecycle that was 153 days shorter, compared to studied organizations that have not deployed these technologies.
Security teams can benefit from having AI and automation embedded throughout their security toolsets. For example, leveraging AI and automation across threat detection and response tools can help analysts contextualize and triage security alerts more effectively. These technologies can also automate portions of the threat investigation process or recommend actions to catalyze response, reducing human effort.
Additionally, AI-driven data security and identity solutions can help stitch together suspicious behaviors more effectively and take action to prevent high-risk interactions.
DQ: What are the benefits and potential consequences of technology surpassing human errors or limitations?
Pradeep Vasudevan: Technology plus talent yields positive security outcomes. As cyberattacks grow in volume and complexity, AI is helping under-resourced security operations analysts stay ahead of threats. Curating threat intelligence from millions of research papers, blogs and news stories, AI technologies like machine learning and natural language processing provide rapid insights that help analysts cut through the noise of daily alerts, thereby drastically reducing response times.
Further, security AI systems are adept at identifying abnormal behaviours, assessing vulnerabilities dynamically, and flagging anomalous activity that can indicate new threats.
As the Cost of a Data Breach Report 2023 indicated, currently defenders have a slight advantage over adversaries when it comes to AI. But, with these technologies becoming more accessible, it won’t be long before this dynamic changes. Traditionally, industries have been compelled to innovate in response to threats. However, it is imperative that organizations start thinking like attackers and leverage AI technologies to future-proof themselves.
DQ: How can CISOs effectively harness AI's potential to enhance cybersecurity and stay ahead of evolving threats?
Pradeep Vasudevan: AI can play a pivotal role in enhancing cyber security by augmenting human capabilities and automating routine tasks. According to IBM Security X-Force Threat Intelligence Index 2023, by integrating AI into their cybersecurity strategies, CISOs can proactively identify, defend against, and respond to evolving threats, bolstering their organization's overall security posture and protecting sensitive data from potential breaches. This approach empowers organizations to respond proactively and reduce the time taken to detect and mitigate cyber incidents.
In addition to this, CISOs should also invest in building the right talent capabilities. By deploying automated, intelligent security solutions, analysts can be empowered to focus on more critical tasks at hand. Leaders should equip their teams to stay abreast of the latest developments and help them hone the skillsets required to use emerging technologies effectively. It will also be important to educate internal and external stakeholders about their roles in the success of cybersecurity solutions.
Finally, collaboration is essential in the fight against cyber threats. No single organization can solve the challenge by itself. CISOs can partner with organizations, such as IBM Security X-Force, to access threat intelligence and share knowledge about emerging threats, tactics, and mitigation techniques.