The is the second article in a three-part series on how IBM Watson for Cyber Security can help analysts win the arms race against the increasingly sophisticated cybercrime landscape. Be sure to read part 1 for the full story.

Many large enterprises with significant investment in cybersecurity are excited at the prospect of cognitive security. But what about smaller enterprises? Is Watson too big, too complex or simply too expensive for an organization of that size? For a small business, a managed security services provider (MSSP) can make all the difference.

Living the Dream

Many small business owners start out with a dream of independence and success. They want to sell their goods and provide great consumer services. They know they need to protect their businesses, but their dreams did not include hiring security specialists to worry about compliance with data protection laws, let alone a highly volatile threat landscape. Many small businesses suffer six-figure losses as the result of a data breach, and a 2011 survey showed that 60 percent of them were forced out of business within six months of an attack.

Some owners may not immediately see how cognitive security can help them protect their business. Although Watson will make security analysts more productive, it will not replace them. Small or even midsized business owners might see the lack of a dedicated security staff as a barrier to getting any benefit out of Watson, despite the outstanding results other companies have enjoyed.

But this is not a new story. The same proviso has applied to many security tools for years. For business owners, the answer is an old story, too: That’s why they often outsource noncore business functions to specialists, rather than trying to specialize in everything.

Enter Managed Security Services

A cannier business might approach a trusted specialist security company in its local market for advice. Some businesses outsource security operations to a partner who can provide the best combination of people, process and technology. This arrangement works very well in most cases, but there are at least two caveats that arise in almost every relationship:

  1. The client business wants the service to be provided at the most competitive cost.
  2. The client more or less wants a guarantee against being breached.

Experienced cybersecurity professionals know that good security isn’t free. They also know that it is impossible to guarantee absolute immunity from data breaches. The truth is, many security specialists strive conscientiously to provide the most comprehensive service they can within the constraints of the client’s budget and the cost of providing the service themselves.

The Value of Cognitive Security

A good MSSP tries to meet the challenge to include the right technology and expertise while staying within budget. At first glance, a new cognitive system such as Watson can appear to be just another cost. In the long run, however, cognitive security saves money and improves the organization’s incident response capabilities, which makes for a valuable addition to any small business’s security suite.

A Good Investment

Throughout the history of IT, business owners have invested in technology with the hopes that their companies would either grow to recoup the cost or save money on existing processes. In this respect, Watson is like any other technology. The main thrust of cognitive security is that it provides context for faster, easier problem identification and resolution. Ultimately, this is about saving money as well as time. Business owners should look at the total cost of ownership rather than the book price when investing in new capabilities.

Reduce the Threat Surface

You can never completely avoid being breached, but you have some control over how quickly you discover a breach and how you respond to it. Watson can help businesses discover and respond to threats much faster and more comprehensively. It also has the potential to help companies reduce the threat landscape in their own infrastructures as well as their clients’. It will supplement and extend analysts’ awareness of where threats lie. This planning is critical to reduce the attack surface of your infrastructure.

Watson Is a Game Changer

You may be surprised at how relatively inexpensive Watson is. All circumstances differ, but it’s worth talking to your IBM sales team to find out how affordable Watson is for you. With the right trusted advisers to help small and medium businesses, Watson should be as much of a game changer for those companies as it is already proving to be for others.

Learn More About Watson for Cyber Security

More from Artificial Intelligence

How AI can be hacked with prompt injection: NIST report

3 min read - The National Institute of Standards and Technology (NIST) closely observes the AI lifecycle, and for good reason. As AI proliferates, so does the discovery and exploitation of AI cybersecurity vulnerabilities. Prompt injection is one such vulnerability that specifically attacks generative AI. In Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations, NIST defines various adversarial machine learning (AML) tactics and cyberattacks, like prompt injection, and advises users on how to mitigate and manage them. AML tactics extract information…

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

How I got started: Cyber AI/ML engineer

3 min read - As generative AI goes mainstream, it highlights the increasing demand for AI cybersecurity professionals like Maria Pospelova. Pospelova is currently a senior data scientist, and data science team lead at OpenText Cybersecurity. She also worked at Interset, an AI cybersecurity company acquired by MicroFocus and then by OpenText. She continues as part of that team today. Did you go to college? What did you go to school for? Pospelova: I graduated with a bachelor’s degree in computer science and a…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today