Security Leaders Turn to AI to Power Innovation

Security leaders are looking to artificial intelligence (AI) technologies to help combat a rising tide of sophisticated threats as they struggle to find qualified IT talent, according to a Netrix Global survey of more than 300 IT security professionals. 

The study found 22% of respondents said that they want to see more AI used in cybersecurity this year, while more than half of the executives surveyed said that they currently use AI and machine learning. 

Many companies are investing more heavily in security managed services, and nearly half (47%) of respondents said that they have already accelerated some cybersecurity initiatives so that they would be complete prior to the economic impact of a recession.

Russell Reeder, CEO of Netrix, said even with the validation that AI is becoming a market disruptor, it’s important to have a solid objective, plan and investment strategy that prioritizes a return and achieves your set goals.

Emerging AI/ML Innovation

“The use of AI/ML isn’t new, as many of the AV and EDR vendors have used some form of this technology for years, whether in their detection models or developing neural networks to help provide detections at a macro-level with the data they receive from customers on a day-by-day basis,” he added.

What is emerging is the use of AI/ML to better detect these types of events as they progress through the attack kill chain, from discovery through breach, and to link events together in a meaningful way.

“In the past, this was handled almost in silos: The perimeter, endpoint and identity, and now we’re seeing effective XDR platforms work to really stitch this together faster in a meaningful way,” Reeder said. 

Erik Gaston, vice president of global executive engagement at Tanium, noted there remains a lack of integration across operations and security which stands as a barrier to widespread adoption of AI.

“The biggest concern here is that cybercriminals will be quicker to adopt emerging technologies like AI to advance their own aims,” he said. “The question remains–can we keep up?”

He explained that AI can be leveraged to reduce the noise level on common patterns and issues so your team can focus on the things that really matter.

“Automation effectively drives down the overall weight active threat hunting puts on an organization,” he said.

This allows security professionals to prioritize cybersecurity hygiene and ensure they know where everything is or who is coming in and out of the network, to identify and act quickly when there is a breach.

AI and the Talent Shortage

“The bottom line is that our industry is facing a talent shortage and there simply aren’t enough people that are qualified for the number of roles currently open,” Gaston said. “The war on talent is very tight, but the good news is that AI can be leveraged to help you keep the best and brightest on your team. After all, the top talent wants to be on the leading edge.”

He added that AI also empowers organizations to effectively scale without just adding more people—and above all, the security professionals that you have can avoid burnout and focus on the top issues instead of monotonous routine tasks.

Reeder said when facing the real challenge of IT and cybersecurity talent shortage, leveraging AI/ML to assist is an ideal use case.

“What an analyst can do in a repetitive fashion can be done using the most basic form of automation, in most cases,” he explained.

Adding AI allows large language models (LLMs) to supply additional context, improve response times with leaner staff and provide knowledge and guidance that otherwise may not be available due to a shortage of resources.

Sajeeb Lohani, director of cybersecurity at Bugcrowd, said the team has used AI and ML technologies to increase productivity within reason (finding details within API documentation, for example) and in the areas of anomaly detection and intrusion detection.

“Our use of automation within the security team is quite extensive; we automate any task which we need to repeat multiple times, starting from marking a ticket as a duplicate of another all the way down to a custom mail-merge type feature for messaging platforms,” he said. 

He added that AI can help identify different strains of such threats; however, it is far from being a perfect solution.

“It is great for identifying variations of existing attacks or techniques, but it won’t be able to identify completely new behaviors and zero-days in most cases,” Lohani said. 

From his perspective, automation helps teams scale faster and be more effective, but automation can’t entirely replace a team, and the same goes for AI-related technologies.

“These technologies can help facilitate individuals and increase productivity at times,” he noted. “That said, they also run the risk of accidental leakage of confidential information.”

Nathan Eddy

Nathan Eddy is a Berlin-based filmmaker and freelance journalist specializing in enterprise IT and security issues, health care IT and architecture.
