President Barack Obama recently sat down for an interview on emerging technologies with Wired Magazine. “Traditionally, when we think about security and protecting ourselves, we think in terms of armor or walls,” he said. “Increasingly, I find myself looking to medicine and thinking about viruses, antibodies … It means that we’ve got to think differently about our security.”
The idea of cybersecurity as a digital immune system is an apt metaphor. We can’t block everything, but we have to deal with everything. That’s where cognitive security solutions come in.
Embracing Cognitive Security Solutions
To help us manage everything, we need more complete and high-quality security information. There is no shortage of security content — both structured and unstructured content is generated on an enormous scale. However, it’s not feasible to review all this information in a timely fashion to make it actionable.
We are beginning to see the emergence of artificial intelligence, machine learning and cognitive computing tools that can help security teams take advantage of this information deluge and prompt better actions. These new systems can complement human tasks and provide better direction to our digital immune systems, enabling improved speed, more context and better management of the complex threat and risk landscapes. The goal is to bring together the best of both human and computer intelligence to create a more secure future.
Building a More Secure Future
In short, cognitive security solutions can understand, reason and learn about constantly evolving security threats. They are being developed to help tap the tremendous amount of security knowledge created for human consumption. The ultimate goals for cognitive security solutions are to move beyond the limits of manual efforts and enhance the work of security operations center (SOC) analysts, speed up response time with external intelligence and identify threats with advanced analytics. This all helps to reduce enterprise risk.
To better understand the current security landscape and how security leaders are thinking about and applying cognitive security technologies, IBM conducted a survey of 700 chief information security officers (CISOs) and other security leaders from 35 countries, representing 18 industries. The report, titled “Cybersecurity in the Cognitive Era: Priming Your Digital Immune System,” provides insights into the current security operations context. It explains what the expectations and perceived benefits of cognitive security solutions are, whether security leaders are ready to implement the technology and what might be holding them back.
The Context for Cognitive
First, let’s examine the current environment that security leaders are dealing with to understand the need for cognitive security solutions. Security leaders are challenged by the complexity of threats and the speed with which they are able to respond to them. They identified reducing average incident response and resolution time as a top cybersecurity challenge.
Additionally, leaders are worried about how security incidents affect their operations today, and how they may shape their reputations tomorrow. About 68 percent of respondents said loss of brand reputation presents the greatest future concern.
Security leaders don’t feel they are as effective as they could be in addressing network and data protection and rapid, intelligent threat response. However, they are working to address these deficiencies, with 57 percent planning to improve monitoring of network, application and data-level security in the next few years.
Acquiring the right resources to address these issues will be difficult. Seventy-eight percent have seen the cost for cybersecurity increase in the last two years, and 84 percent expect it to increase in the next two to three years. Faced with these growing costs, security leaders are seeking better ways to justify their investments to business leaders.
Filling In the Gaps
Today, many organizations look to cognitive security solutions to help address their interrelated gaps in intelligence, speed and accuracy. Even though this technology is in its infancy, there is great hope and optimism about its potential. In fact, 57 percent of participants in the IBM survey believed these solutions can significantly slow down cybercriminals.
Survey respondents listed improved detection and response decision-making capabilities, significantly improved incident response times, and increased confidence to discriminate between events and true incidents as the top features and benefits of cognitive-enabled security solutions.
Early adoption will grow in the next few years. Seven percent of those surveyed said they are currently working to implement cognitive-enabled security solutions, and 21 percent plan to implement the capability in the next few years.
Despite the great promise, however, widespread adoption requires more education and preparation. Most are convinced of the value and benefits of cognitive security solutions, but 45 percent indicated they were unprepared to adopt the technology due to a shortage of skills. Cognitive security solutions are being designed for widespread consumption — this should not place more burdensome education demands on the backs of security analysts.
Preparing for the Cognitive Era of Security
We identified a group that is “primed for the cognitive era” of security solutions. When we analyzed security effectiveness, cognitive readiness and understanding, we found enthusiastic security leaders ready to enter the cognitive era of security solutions today.
This group made up about 22 percent of those we surveyed. In general, these organizations tend to be more familiar with cognitive solutions, more confident in their security capabilities and well-equipped with the requisite resources.
Technologies like machine learning, artificial intelligence and cognitive computing are here today and are beginning to be adopted. The bad guys are looking at these new tools to improve their capabilities, and organizational security leaders need to look at them as well. Cognitive security solutions provide the opportunity to truly think differently about security and how it can be improved.
If you think that cognitive security solutions may be right for your organization, there are a couple of things you can do to get started on the journey. First, assess and recognize your weaknesses. What specific shortcomings do you want to address with cognitive security solutions? Next, become educated about cognitive security capabilities. Learn about potential use cases and identify what manual activities, if automated, can yield improvements in accuracy, speed and intelligence.
In an environment where investment justification and return on investment (ROI) are requirements, spend time developing and communicating the benefits of cognitive security solutions to your business stakeholders. Treat cognitive security as a new capability, not just another point solution.
In the Wired interview, President Obama said, “Don’t worry as much yet about machines taking over the world. Worry about the capacity of either non-state actors or hostile actors to penetrate systems… It just means that we’re going to have to be better, because those who might deploy these systems are going to be a lot better now.”
To meet this formidable challenge, it is imperative that security professionals get primed for the cognitive era of cybersecurity.
Read the complete report on Cybersecurity in the cognitive era
Security and CIO Lead for the IBM Institute for Business Value
Big Data Security Intelligence & Mobile Security, IBM Security