For more information on how cognitive computing supports security, read the more recent blog post, “Elementary, My Dear Watson: Identifying and Understanding Malware With Cognitive Security.” 

A few days ago, IBM CEO Ginni Rometty announced the Cognitive Business initiative. This journey is supported by IBM Watson, the cognitive computing system that understands and learns from natural language.

The name Watson is not an homage to Sherlock Holmes’ friend and assistant Dr. John Watson, but rather to Thomas J. Watson, IBM’s first CEO and industrialist. Thomas Watson once said, “Thought has been the father of every advance since time began,” which became the inspiration behind IBM’s THINK trademark.

How Cognitive Computing Will Impact Identity Governance and Management Practices

My own personal view is simple. I’ve been in the identity management space since its inception. And in my personal experience, regardless of the product you use (and I’ve seen many), for every dollar spent on identity governance software today, there are more than $2 spent on consulting and implementation services. And the overall project risk sits at least 60 to 70 percent in the project execution rather than in the identity governance tool the client selects.

In the future, thanks to cognitive computing, I believe this ratio will change dramatically. Every dollar spent on software — in all probability, on software-as-a-service (SaaS) — will maybe be matched up to $1 on consulting and implementation services. As a result of that shift, project risk will also dramatically decrease.

Today, implementing identity governance focuses on getting different stakeholders aligned on the semantics of their own data. Businesspeople speak their specific function or line-of-business language. Security teams talk about security policies; compliance and risk officers talk about regulations; application owners speak mostly of their beloved applications; and finally, IT people speak the cryptic language of OS, databases and so forth.

We’ve All Seen It, Done It and Know It By Heart

Every stakeholder has knowledge somewhere in natural language: documents, process modeling tools, IT service management tools, technical data sheets, etc. Projects are all (or largely) about first getting everyone on the same page, followed by reading existing documentation, matching the semantics, producing additional documentation and then finally moving everything into a new product.

In essence, we’re reinventing the wheel every time, no matter which identity governance and management product is being used. Right now, this is a definite technology limitation.

Can We Simplify This?

Cognitive computing is all about finding natural language patterns among different content. I do believe that in the next three to five years, IBM will see enormous benefits from our cognitive business solutions and could deliver cognitive-enabled identity governance and intelligence to our customers.

It’s not going to be a fast journey, but only a company this size has the intellectual and financial strength to lead this revolution within security and, more specifically, in the identity governance space. For more information on identity and access management, watch the on-demand webinar, “Protect Your Business-Critical Assets: How to Govern and Audit Access for SAP and the Mainframe.”

Now isn’t that elementary, my dear Cognitive Identity Watson?

More from Artificial Intelligence

Cloud Threat Landscape Report: AI-generated attacks low for the cloud

2 min read - For the last couple of years, a lot of attention has been placed on the evolutionary state of artificial intelligence (AI) technology and its impact on cybersecurity. In many industries, the risks associated with AI-generated attacks are still present and concerning, especially with the global average of data breach costs increasing by 10% from last year.However, according to the most recent Cloud Threat Landscape Report released by IBM’s X-Force team, the near-term threat of an AI-generated attack targeting cloud computing…

Testing the limits of generative AI: How red teaming exposes vulnerabilities in AI models

4 min read - With generative artificial intelligence (gen AI) on the frontlines of information security, red teams play an essential role in identifying vulnerabilities that others can overlook.With the average cost of a data breach reaching an all-time high of $4.88 million in 2024, businesses need to know exactly where their vulnerabilities lie. Given the remarkable pace at which they’re adopting gen AI, there’s a good chance that some of those vulnerabilities lie in AI models themselves — or the data used to…

Security roundup: Top AI stories in 2024

3 min read - 2024 has been a banner year for artificial intelligence (AI). As enterprises ramp up adoption, however, malicious actors have been exploring new ways to compromise systems with intelligent attacks.With the AI landscape rapidly evolving, it's worth looking back before moving forward. Here are our top five AI security stories for 2024.Can you hear me now? Hackers hijack audio with AIAttackers can fake entire conversations using large language models (LLMs), voice cloning and speech-to-text software. This method is relatively easy to…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today