Light Dark
August 25, 2022 By Gerald Parham 3 min read
Risk Management
Artificial Intelligence
Many industries have had to tighten belts in the “new normal”. In cybersecurity, artificial intelligence (AI) can help.
 
Every day of the new normal we learn how the pandemic sped up digital transformation, as reflected in the new opportunities and new risks. For many, organizational complexity and legacy infrastructure and support processes are the leading barriers to the effectiveness of their security.
 
Adding to the dynamics, short-handed teams are overwhelmed with too much data from disparate sources and an abundance of tools, yet a scarcity of insights. These challenges can easily exceed the skills of even the largest, best teams.
 

Source: IBM

In a time of greater challenges and fewer resources, how can security leaders become more effective, minimize their expenses and get the most out of their employees without burning them out? A recent study from the IBM Institute for Business Value (IBV) suggests people are investing in AI and automation to address many of these challenges.

The IBV partnered with APQC (American Productivity and Quality Center) in a survey of 1,000 business leaders to find out how AI is being used to support their operations and to quantify its impact on performance.

AI: Defense in a fast-paced world

The in-depth report contemplates questions that are top-of-mind for today’s leaders. How do AI and automation help? Where in the security life cycle do these tools have the greatest impact? Can pairing AI with automation deliver a higher return on security investment?

There are four primary ways AI technologies are transforming security operations:

  1. Machine learning helps identify patterns, take inventory of new assets and services and refine the performance of AI models.
  1. Reasoning tools help inform data analysis, enhance scenario modeling and foresee new attack vectors.
  1. Natural language processing can be used to mine text data sources, improve threat intelligence and enrich knowledge resources.
  1. Automation can help orchestrate time-intensive tasks, improve response times and reduce the burden for human analysts.

According to survey respondents, adopting AI-powered automation has enabled them to operate faster, with greater flexibility.

How are they doing this? One of the survey’s most compelling findings is that the mix of AI and automation is being used to offload routine triage tasks. It enables skilled analysts to focus on higher-value investigations that require human expertise and judgment.

Register for the AI + Cybersecurity webinar

Practical use of AI

The report offers actionable insights into how security leaders are using AI and automation to support their protection, prevention, detection and response processes. For example:

Source: IBM Security Services based on an analysis of aggregated 2021 performance data. Note: Performance thresholds depicted are expected to improve on a continuing basis. 

Investing in security AI and automation is leading to tangible performance benefits. Compared to non-AI adopters, AI adopters can save more than 14 weeks in threat detection and response:

Source: IBM

Importantly, these organizations are achieving this level of performance while also reducing costs and complexity.

Backed by research

Other IBM security research studies have found similar results. The 2022 Cost of a Data Breach report from IBM and Ponemon Institute found security AI and automation had the greatest positive impact on reducing the overall costs of a data breach. To address emerging threats, the IBM X-Force annual Threat Intelligence Index suggests best practices such as adopting a zero trust approach, automating incident response and deploying extended detection and response.

For security leaders, the key takeaway is that investing in AI and automation enables you to make more of your skilled talent while also improving your overall performance.

Want to dig into the data or get more insights? Read the full report here. Learn more about AI and cybersecurity here.

 |  |  |  | 
Gerald Parham
Global Research Leader - Security & CIO, IBM Institute for Business Value (IBV)

More from Risk Management
November 20, 2023

Operationalize cyber risk quantification for smart security

4 min read - Organizations constantly face new tactics from cyber criminals who aim to compromise their most valuable assets. Yet despite evolving techniques, many security leaders still rely on subjective terms, such as low, medium and high, to communicate and manage cyber risk. These vague terms do not convey the necessary detail or insight to produce actionable outcomes that accurately identify, measure, manage and communicate cyber risks. As a result, executives and board members remain uninformed and ill-prepared to manage organizational risk effectively.…

November 14, 2023

The evolution of ransomware: Lessons for the future

5 min read - Ransomware has been part of the cyber crime ecosystem since the late 1980s and remains a major threat in the cyber landscape today. Evolving ransomware attacks are becoming increasingly more sophisticated as threat actors leverage vulnerabilities, social engineering and insider threats. While the future of ransomware is full of unknown threats, we can look to the past and recent trends to predict the future. 2005 to 2020: A rapidly changing landscape While the first ransomware incident was observed in 1989,…

November 2, 2023

Defense in depth: Layering your security coverage

2 min read - The more valuable a possession, the more steps you take to protect it. A home, for example, is protected by the lock systems on doors and windows, but the valuable or sensitive items that a criminal might steal are stored with even more security — in a locked filing cabinet or a safe. This provides layers of protection for the things you really don’t want a thief to get their hands on. You tailor each item’s protection accordingly, depending on…

October 27, 2023

The evolution of 20 years of cybersecurity awareness

3 min read - Since 2004, the White House and Congress have designated October National Cybersecurity Awareness Month. This year marks the 20th anniversary of this effort to raise awareness about the importance of cybersecurity and online safety. How have cybersecurity and malware evolved over the last two decades? What types of threat management tools surfaced and when? The Cybersecurity Awareness Month themes over the years give us a clue. 2004 - 2009: Inaugural year and beyond This early period emphasized general cybersecurity hygiene,…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2023 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature