President Barack Obama recently sat down for an interview on emerging technologies with Wired Magazine. “Traditionally, when we think about security and protecting ourselves, we think in terms of armor or walls,” he said. “Increasingly, I find myself looking to medicine and thinking about viruses, antibodies … It means that we’ve got to think differently about our security.”

The idea of cybersecurity as a digital immune system is an apt metaphor. We can’t block everything, but we have to deal with everything. That’s where cognitive security solutions come in.

Embracing Cognitive Security Solutions

To help us manage everything, we need more complete and high-quality security information. There is no shortage of security content — both structured and unstructured content is generated on an enormous scale. However, it’s not feasible to review all this information in a timely fashion to make it actionable.

We are beginning to see the emergence of artificial intelligence, machine learning and cognitive computing tools that can help security teams take advantage of this information deluge and prompt better actions. These new systems can complement human tasks and provide better direction to our digital immune systems, enabling improved speed, more context and better management of the complex threat and risk landscapes. The goal is to bring together the best of both human and computer intelligence to create a more secure future.

Building a More Secure Future

In short, cognitive security solutions can understand, reason and learn about constantly evolving security threats. They are being developed to help tap the tremendous amount of security knowledge created for human consumption. The ultimate goals for cognitive security solutions are to move beyond the limits of manual efforts and enhance the work of security operations center (SOC) analysts, speed up response time with external intelligence and identify threats with advanced analytics. This all helps to reduce enterprise risk.

To better understand the current security landscape and how security leaders are thinking about and applying cognitive security technologies, IBM conducted a survey of 700 chief information security officers (CISOs) and other security leaders from 35 countries, representing 18 industries. The report, titled “Cybersecurity in the Cognitive Era: Priming Your Digital Immune System,” provides insights into the current security operations context. It explains what the expectations and perceived benefits of cognitive security solutions are, whether security leaders are ready to implement the technology and what might be holding them back.

The Context for Cognitive

First, let’s examine the current environment that security leaders are dealing with to understand the need for cognitive security solutions. Security leaders are challenged by the complexity of threats and the speed with which they are able to respond to them. They identified reducing average incident response and resolution time as a top cybersecurity challenge.

Additionally, leaders are worried about how security incidents affect their operations today, and how they may shape their reputations tomorrow. About 68 percent of respondents said loss of brand reputation presents the greatest future concern.

Security leaders don’t feel they are as effective as they could be in addressing network and data protection and rapid, intelligent threat response. However, they are working to address these deficiencies, with 57 percent planning to improve monitoring of network, application and data-level security in the next few years.

Acquiring the right resources to address these issues will be difficult. Seventy-eight percent have seen the cost for cybersecurity increase in the last two years, and 84 percent expect it to increase in the next two to three years. Faced with these growing costs, security leaders are seeking better ways to justify their investments to business leaders.

Filling In the Gaps

Today, many organizations look to cognitive security solutions to help address their interrelated gaps in intelligence, speed and accuracy. Even though this technology is in its infancy, there is great hope and optimism about its potential. In fact, 57 percent of participants in the IBM survey believed these solutions can significantly slow down cybercriminals.

Survey respondents listed improved detection and response decision-making capabilities, significantly improved incident response times, and increased confidence to discriminate between events and true incidents as the top features and benefits of cognitive-enabled security solutions.

Early adoption will grow in the next few years. Seven percent of those surveyed said they are currently working to implement cognitive-enabled security solutions, and 21 percent plan to implement the capability in the next few years.

Despite the great promise, however, widespread adoption requires more education and preparation. Most are convinced of the value and benefits of cognitive security solutions, but 45 percent indicated they were unprepared to adopt the technology due to a shortage of skills. Cognitive security solutions are being designed for widespread consumption — this should not place more burdensome education demands on the backs of security analysts.

Preparing for the Cognitive Era of Security

We identified a group that is “primed for the cognitive era” of security solutions. When we analyzed security effectiveness, cognitive readiness and understanding, we found enthusiastic security leaders ready to enter the cognitive era of security solutions today.

This group made up about 22 percent of those we surveyed. In general, these organizations tend to be more familiar with cognitive solutions, more confident in their security capabilities and well-equipped with the requisite resources.

Technologies like machine learning, artificial intelligence and cognitive computing are here today and are beginning to be adopted. The bad guys are looking at these new tools to improve their capabilities, and organizational security leaders need to look at them as well. Cognitive security solutions provide the opportunity to truly think differently about security and how it can be improved.

If you think that cognitive security solutions may be right for your organization, there are a couple of things you can do to get started on the journey. First, assess and recognize your weaknesses. What specific shortcomings do you want to address with cognitive security solutions? Next, become educated about cognitive security capabilities. Learn about potential use cases and identify what manual activities, if automated, can yield improvements in accuracy, speed and intelligence.

In an environment where investment justification and return on investment (ROI) are requirements, spend time developing and communicating the benefits of cognitive security solutions to your business stakeholders. Treat cognitive security as a new capability, not just another point solution.

In the Wired interview, President Obama said, “Don’t worry as much yet about machines taking over the world. Worry about the capacity of either non-state actors or hostile actors to penetrate systems… It just means that we’re going to have to be better, because those who might deploy these systems are going to be a lot better now.”

To meet this formidable challenge, it is imperative that security professionals get primed for the cognitive era of cybersecurity.

Read the complete report on Cybersecurity in the cognitive era

More from Artificial Intelligence

X-Force releases detection & response framework for managed file transfer software

5 min read - How AI can help defenders scale detection guidance for enterprise software tools If we look back at mass exploitation events that shook the security industry like Log4j, Atlassian, and Microsoft Exchange when these solutions were actively being exploited by attackers, the exploits may have been associated with a different CVE, but the detection and response guidance being released by the various security vendors had many similarities (e.g., Log4shell vs. Log4j2 vs. MOVEit vs. Spring4Shell vs. Microsoft Exchange vs. ProxyShell vs.…

Unmasking hypnotized AI: The hidden risks of large language models

11 min read - The emergence of Large Language Models (LLMs) is redefining how cybersecurity teams and cybercriminals operate. As security teams leverage the capabilities of generative AI to bring more simplicity and speed into their operations, it's important we recognize that cybercriminals are seeking the same benefits. LLMs are a new type of attack surface poised to make certain types of attacks easier, more cost-effective, and even more persistent. In a bid to explore security risks posed by these innovations, we attempted to…

Artificial intelligence threats in identity management

4 min read - The 2023 Identity Security Threat Landscape Report from CyberArk identified some valuable insights. 2,300 security professionals surveyed responded with some sobering figures: 68% are concerned about insider threats from employee layoffs and churn 99% expect some type of identity compromise driven by financial cutbacks, geopolitical factors, cloud applications and hybrid work environments 74% are concerned about confidential data loss through employees, ex-employees and third-party vendors. Additionally, many feel digital identity proliferation is on the rise and the attack surface is…

AI reduces data breach lifecycles and costs

3 min read - The cybersecurity tools you implement can make a difference in the financial future of your business. According to the 2023 IBM Cost of a Data Breach report, organizations using security AI and automation incurred fewer data breach costs compared to businesses not using AI-based cybersecurity tools. The report found that the more an organization uses the tools, the greater the benefits reaped. Organizations that extensively used AI and security automation saw an average cost of a data breach of $3.60…