Light Dark
November 22, 2016 By Christophe Veltsos 3 min read
Artificial Intelligence
Incident Response

The number one challenge for security leaders today is reducing average incident response and resolution times.” — IBM IBV Cognitive Security Report

In November, IBM’s Institute for Business Value (IBV) released a report titled “Cybersecurity in the Cognitive Era: Priming Your Digital Immune System.” The report provides insights gleaned from a study of over 700 security leaders from across the globe and seeks to uncover the security challenges organizations face, all while shedding light on how to address them. The study also evaluated the impact of cognitive security solutions and gauged the industry’s current level of readiness for the oncoming cognitive era.

The study identified three main gaps that cognitive solutions might fill to improve an organization’s security posture: a speed gap to significantly improve incident response times, an intelligence gap to improve detection and incident response decision-making capabilities, and an accuracy gap to provide increased confidence to discriminate between events and true incidents.

A Short Primer on Cognitive Security

“Cognitive computing has the ability to tap into and make sense of security data that has previously been dark to an organization’s defenses, enabling security analysts to gain new insights and respond to threats with greater confidence at scale and speed,” wrote Marc van Zadelhoff in a previous article.

According to an IBM cognitive security white paper, this type of security is “characterized by technology that is able to understand, reason and learn.” In short, it is about analyzing security trends, distilling enormous volumes of data into information and further refining it into knowledge that can be turned into action.

The Incident Response Speed Gap

Respondents to the IBV study identified the speed gap as the top security challenge. Forty-five percent ranked reducing average incident response and resolution time as the top challenge today, and 53 percent identified the same area as the top challenge for the next two to three years.

This is somewhat surprising given the fact that 80 percent of the survey participants indicated that their incident response speeds have improved by an average of 16 percent in the past two years. Additionally, 37 percent believe that cognitive security solutions will significantly improve this response time.

Reading between the lines, security leaders have been pushing their teams to improve incident reaction times, but they also realized that the current level of improvements are inadequate to keep up with the ever-increasing pace of attacks. For that 37 percent of security leaders, cognitive security offers a ray of hope.

A Skills Gap Too?

It’s no secret that the cybersecurity field faces a skills gap of enormous proportions. In fact, Forbes estimated that the skills gap has reached 209,000 unfilled positions in the U.S. Additionally, a Cisco report tallied 1 million unfilled positions worldwide, a situation that’s unlikely to change anytime soon given the large volume of senior and highly seasoned security professionals preparing to retire and the relatively small investment in recruiting bright young minds into cybersecurity education and, eventually, cybersecurity careers.

The good news is that cognitive security solutions can help maximize the current workforce by reducing the amount of time before an anomaly is detected. They can provide better context and background information to those tasked with analyzing incidents.

Superhuman Capabilities

According to the IBM Cognitive Security white paper, “a cognitive system comprehends and processes new information at a speed that far surpasses any human.” It also noted that “cognitive computing is driving transformational change by harnessing not just data, but meaning, knowledge, process flows and progression of activity at a lightning-fast speed and scope.”

Related: Cognitive Security Key to Addressing Intelligence and Accuracy Gaps

The prospect of turning over more of our incident response processes to machines might bring chills to those tasked with responding to incidents and analyzing their severity and impact. However, the goal isn’t to replace humans, but to supplement their capabilities, much like an exosuit turns a human into a superhuman. Cognitive security solutions can accomplish in minutes what would take human analysts hours or even days.

Cognitive technology is still in its infancy. Those who get there first, however, will likely reap a significant competitive advantage over those who take a wait-and-see approach. As the saying goes, you don’t have to run faster than the bear — you just have to run faster than the guy behind you. Can your business truly afford to take a wait-and-see approach?

Read the full IBM Report on cybersecurity in the cognitive era

 |  |  |  |  | 
Christophe Veltsos
InfoSec, Risk, and Privacy Strategist - Minnesota State University, Mankato

More from Artificial Intelligence
February 13, 2025

How red teaming helps safeguard the infrastructure behind AI models

4 min read - Artificial intelligence (AI) is now squarely on the frontlines of information security. However, as is often the case when the pace of technological innovation is very rapid, security often ends up being a secondary consideration. This is increasingly evident from the ad-hoc nature of many implementations, where organizations lack a clear strategy for responsible AI use.Attack surfaces aren’t just expanding due to risks and vulnerabilities in AI models themselves but also in the underlying infrastructure that supports them. Many foundation…

February 11, 2025

The straight and narrow — How to keep ML and AI training on track

3 min read - Artificial intelligence (AI) and machine learning (ML) have entered the enterprise environment.According to the IBM AI in Action 2024 Report, two broad groups are onboarding AI: Leaders and learners. Leaders are seeing quantifiable results, with two-thirds reporting 25% (or greater) boosts to revenue growth. Learners, meanwhile, say they're following an AI roadmap (72%), but just 40% say their C-suite fully understands the value of AI investment.One thing they have in common? Challenges with data security. Despite their success with AI…

February 7, 2025

Will AI threaten the role of human creativity in cyber threat detection?

4 min read - Cybersecurity requires creativity and thinking outside the box. It’s why more organizations are looking at people with soft skills and coming from outside the tech industry to address the cyber skills gap. As the threat landscape becomes more complex and nation-state actors launch innovative cyberattacks against critical infrastructure, there is a need for cybersecurity professionals who can anticipate these attacks and develop creative preventive solutions.Of course, a lot of cybersecurity work is mundane and repetitive — monitoring logs, sniffing out…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature