This is the third and final installment in our three-part series on how cognitive security can help organizations protect their critical assets. Be sure to read Part 1 and Part 2 to learn how cognitive tools can help security leaders address the speed, intelligence and accuracy gaps.

Are you ready for cognitive security?

The world we live in today presents enormous challenges and opportunities. Even though organizations have improved their security posture, attackers are still making quick work of getting in and stealing stuff.

Security leaders point to the incremental improvements they have made to increase their incident response capabilities and response times. But while defenders are making progress, albeit slow progress, attackers are keeping ahead, both in terms of attack frequency and their ability to evolve their approaches to thwart defenses and responders.

Untapped Potential

Anyone who has been in the field of information security long enough to track trends likely has that uneasy feeling that things haven’t been getting better. On the defense side, we’re barely keeping up. Additionally, organizations struggle to fill new security positions or even just retain their existing security staff. The following image illustrates the tough position IT is in today:

“We have never known a technology with more potential to benefit society than artificial intelligence,” wrote Guru Banavar, the chief science officer of Cognitive Computing at IBM, for Harvard Business Review. “We now have AI systems that learn from vast amounts of complex, unstructured information and turn it into actionable insight.”

Cognitive computing has the potential to shake up the cybersecurity landscape. This isn’t lost on the security leaders surveyed for the IBM Institute for Business Value (IBV) report, “Cybersecurity in the Cognitive Era: Priming Your Digital Immune System.” Given that many identified incident response and resolution speed as a top security concern, 57 percent of respondents pointed to the potential of cognitive computing to significantly slow the efforts of cybercriminals.

Hear more from Chris Veltsos in this podcast: The Cognitive Transformation is for Everyone

Peculiar Patterns

When the IBV team analyzed the patterns in the responses, three main groups emerged, corresponding to different classes of readiness on the path toward adopting cognitive security: organizations that are Pressured, those that are Prudent, and those that are Primed.

  1. The Pressured (52 percent) reported funding and staffing challenges and appeared to be less familiar with the benefits of cognitive computing than the other two tiers. These organizations also tended to receive a smaller share of the IT budget, had issues obtaining sufficient funding, and struggled to hire and retain staff.
  2. The Prudent (27 percent) can be thought of as the middle ground. This group did not report the same level of constraints as the Pressured, but they were not quite ready to implement cognitive security in the near term.
  3. The Primed (22 percent) group is much more familiar with cognitive security benefits, has more confidence in the value it can bring and appears to command — or benefit from, depending on your perspective — the highest slice of funding relative to the IT budget.

Ninety-two percent of Primed organizations reported having over 10 percent of the IT budget dedicated to security, compared to 81 percent for the Prudent, and only 55 percent for the Pressured. The Primed group also reported being more effective at communicating risk exposure effectively to executives and boards of directors (81 percent), compared to Prudent (67 percent) and Pressured (55 percent) organizations. Similarly, the Primed group reported having defined metrics to assess security operations for accuracy and productivity (74 percent), versus 62 percent for the Prudent and 57 percent for the Pressured.

Getting Primed for the Cognitive Security Revolution

What is the best way for Prudent or Pressured organizations to catch up to their Primed peers? The report provided a list of recommendations, including:

  • Recognize your weaknesses, especially those surrounding responsiveness, having access to threat intelligence and distinguishing events from incidents.
  • Learn more about cognitive security capabilities and how they can help address your organization’s weaknesses. However, realize that some of this knowledge should be shared with both technical and business leaders to ensure buy-in when the time comes to discuss a path toward adoption.
  • Define an investment plan, because security leaders need to justify their security investments — including the adoption of cognitive security.

One way to justify the return on investment (ROI) is to look at the benefits well beyond the confines of IT and security. The right security investments provide advantages across the entire organization by reducing the cost of dealing with incidents and, when the worst case happens, reducing the overall damage of a data breach. Security leaders should work with HR to document potential savings related to staffing and with the legal department to document potential savings related to improved incident response detection capabilities, incident response times and accuracy.

Building Trust in AI

Some of your colleagues may have deep aversions to using cognitive security to snoop on all data. As Banavar put it, the era of cognitive computing means that, in just a few short years, AI systems will be able to “pervasively support the decisions we make in our professional and personal lives.”

We also need to realize, however, that humans will need time to trust AI systems. Banavar compared this to trusting someone in the context of a personal relationship. It takes time, and each party is sure to scrutinize the other to ensure they behave as expected and, in the case of cognitive security, within operational parameters. But the organizations that start this process early will be in the best position to succeed in the long term.

“Delaying the implementation of artificial intelligence is not an option,” Banavar wrote. “We pay a significant price every day for not knowing what can be known.”

Read the complete IBM Report on cybersecurity in the cognitive era

More from Artificial Intelligence

How AI can be hacked with prompt injection: NIST report

3 min read - The National Institute of Standards and Technology (NIST) closely observes the AI lifecycle, and for good reason. As AI proliferates, so does the discovery and exploitation of AI cybersecurity vulnerabilities. Prompt injection is one such vulnerability that specifically attacks generative AI. In Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations, NIST defines various adversarial machine learning (AML) tactics and cyberattacks, like prompt injection, and advises users on how to mitigate and manage them. AML tactics extract information…

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

How I got started: Cyber AI/ML engineer

3 min read - As generative AI goes mainstream, it highlights the increasing demand for AI cybersecurity professionals like Maria Pospelova. Pospelova is currently a senior data scientist, and data science team lead at OpenText Cybersecurity. She also worked at Interset, an AI cybersecurity company acquired by MicroFocus and then by OpenText. She continues as part of that team today. Did you go to college? What did you go to school for? Pospelova: I graduated with a bachelor’s degree in computer science and a…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today