The is the second article in a three-part series on how IBM Watson for Cyber Security can help analysts win the arms race against the increasingly sophisticated cybercrime landscape. Be sure to read part 1 for the full story.

Many large enterprises with significant investment in cybersecurity are excited at the prospect of cognitive security. But what about smaller enterprises? Is Watson too big, too complex or simply too expensive for an organization of that size? For a small business, a managed security services provider (MSSP) can make all the difference.

Living the Dream

Many small business owners start out with a dream of independence and success. They want to sell their goods and provide great consumer services. They know they need to protect their businesses, but their dreams did not include hiring security specialists to worry about compliance with data protection laws, let alone a highly volatile threat landscape. Many small businesses suffer six-figure losses as the result of a data breach, and a 2011 survey showed that 60 percent of them were forced out of business within six months of an attack.

Some owners may not immediately see how cognitive security can help them protect their business. Although Watson will make security analysts more productive, it will not replace them. Small or even midsized business owners might see the lack of a dedicated security staff as a barrier to getting any benefit out of Watson, despite the outstanding results other companies have enjoyed.

But this is not a new story. The same proviso has applied to many security tools for years. For business owners, the answer is an old story, too: That’s why they often outsource noncore business functions to specialists, rather than trying to specialize in everything.

Enter Managed Security Services

A cannier business might approach a trusted specialist security company in its local market for advice. Some businesses outsource security operations to a partner who can provide the best combination of people, process and technology. This arrangement works very well in most cases, but there are at least two caveats that arise in almost every relationship:

  1. The client business wants the service to be provided at the most competitive cost.
  2. The client more or less wants a guarantee against being breached.

Experienced cybersecurity professionals know that good security isn’t free. They also know that it is impossible to guarantee absolute immunity from data breaches. The truth is, many security specialists strive conscientiously to provide the most comprehensive service they can within the constraints of the client’s budget and the cost of providing the service themselves.

The Value of Cognitive Security

A good MSSP tries to meet the challenge to include the right technology and expertise while staying within budget. At first glance, a new cognitive system such as Watson can appear to be just another cost. In the long run, however, cognitive security saves money and improves the organization’s incident response capabilities, which makes for a valuable addition to any small business’s security suite.

A Good Investment

Throughout the history of IT, business owners have invested in technology with the hopes that their companies would either grow to recoup the cost or save money on existing processes. In this respect, Watson is like any other technology. The main thrust of cognitive security is that it provides context for faster, easier problem identification and resolution. Ultimately, this is about saving money as well as time. Business owners should look at the total cost of ownership rather than the book price when investing in new capabilities.

Reduce the Threat Surface

You can never completely avoid being breached, but you have some control over how quickly you discover a breach and how you respond to it. Watson can help businesses discover and respond to threats much faster and more comprehensively. It also has the potential to help companies reduce the threat landscape in their own infrastructures as well as their clients’. It will supplement and extend analysts’ awareness of where threats lie. This planning is critical to reduce the attack surface of your infrastructure.

Watson Is a Game Changer

You may be surprised at how relatively inexpensive Watson is. All circumstances differ, but it’s worth talking to your IBM sales team to find out how affordable Watson is for you. With the right trusted advisers to help small and medium businesses, Watson should be as much of a game changer for those companies as it is already proving to be for others.

Learn More About Watson for Cyber Security

More from Intelligence & Analytics

BlackCat (ALPHV) Ransomware Levels Up for Stealth, Speed and Exfiltration

9 min read - This blog was made possible through contributions from Kat Metrick, Kevin Henson, Agnes Ramos-Beauchamp, Thanassis Diogos, Diego Matos Martins and Joseph Spero. BlackCat ransomware, which was among the top ransomware families observed by IBM Security X-Force in 2022, according to the 2023 X-Force Threat Intelligence Index, continues to wreak havoc across organizations globally this year. BlackCat (a.k.a. ALPHV) ransomware affiliates' more recent attacks include targeting organizations in the healthcare, government, education, manufacturing and hospitality sectors. Reportedly, several of these incidents resulted…

9 min read

Despite Tech Layoffs, Cybersecurity Positions are Hiring

4 min read - It’s easy to read today’s headlines and think that now isn’t the best time to look for a job in the tech industry. However, that’s not necessarily true. When you read deeper into the stories and numbers, cybersecurity positions are still very much in demand. Cybersecurity professionals are landing jobs every day, and IT professionals from other roles may be able to transfer their skills into cybersecurity relatively easily. As cybersecurity continues to remain a top business priority, organizations will…

4 min read

79% of Cyber Pros Make Decisions Without Threat Intelligence

4 min read - In a recent report, 79% of security pros say they make decisions without adversary insights “at least the majority of the time.” Why aren’t companies effectively leveraging threat intelligence? And does the C-Suite know this is going on? It’s not unusual for attackers to stay concealed within an organization’s computer systems for extended periods of time. And if their methods and behavioral patterns are unfamiliar, they can cause significant harm before the security team even realizes a breach has occurred.…

4 min read

Why People Skills Matter as Much as Industry Experience

4 min read - As the project manager at a large tech company, I always went to Jim when I needed help. While others on my team had more technical expertise, Jim was easy to work with. He explained technical concepts in a way anyone could understand and patiently answered my seemingly endless questions. We spent many hours collaborating and brainstorming ideas about product features as well as new processes for the team. But Jim was especially valuable when I needed help with other…

4 min read