The rise of big data and the Internet of Things (IoT) come with huge potential for forward-thinking organizations. But they also pave the way for greater security challenges since both political entities and for-profit cybercriminals look to compromise IT defenses and gain complete access to network services or data.
ABI Research noted that security automation may offer the fastest route from existing security structures to adaptive solutions based on artificial intelligence (AI) frameworks. But this road isn’t easy — how do companies overcome new challenges on the way to emergent security AI?
The Automation Advantage
Computer Business Review explained automated security processes are an essential part of empowering skilled security staff. Using current methods, many breach discovery efforts take 200 days or more, which gives attackers plenty of time to break down defenses, grab what they came for and disappear.
Huntsman Security CEO Peter Woollacott argued in Computer Business Review that the problem stems from dependence on manual processes to sort data and reach conclusions. “While all of the information is coming in at machine speed, they are always underwater,” making it impossible to gain ground, he said. Automation could help alleviate this issue by giving security specialists the time and space they need to identify key threat vectors and shore up infrastructure weakness.
Woollacott also emphasized specificity, noting that “analysts come on board to solve problems, [like] the surgeon comes on board to cut, not to push the patient from the ward into the theater and wash them down.” By relying on security professionals end to end, emerging threats and potential fixes may go unnoticed. Automating parts of the process, such as data collection and baseline analytics, allows companies to both save time and develop better security strategies.
But giving human analysts room to run is only the first step. Ideally, automation can help drive another key area of security advancement: emergent AI. It’s no easy task, since designing truly emergent AI solutions — which can intelligently respond to real-time security events rather than simply as their programming dictates — requires machines with both the speed to access big data in real time and the ability to learn independently.
As noted by the ABI Research study, automation here can be a “double-edged sword if not handled properly.” Giving AI too much responsibility too soon could open up organizations to serious data breaches or record-keeping compromises.
It’s no surprise, then, that many companies prefer human-AI partnerships that allow experts to leverage the broad knowledge of intelligent machines while retaining control over eventual outcomes. Increasing automation of threat analysis, historic data comparison and information gathering should further enhance these partnerships, ideally making it harder to identify where human expertise ends and machine capability begins.
Automation is a critical facet of the evolving cybersecurity market. While its immediate value stems from the ability to reduce manual process volume, this is just the beginning. Human-machine pairings, combined with improved data collection, continual learning and complete network access, should help pave the way for emergent security AI that is able to automatically and assertively defend corporate interests.