The number one challenge for security leaders today is reducing average incident response and resolution times.” — IBM IBV Cognitive Security Report

In November, IBM’s Institute for Business Value (IBV) released a report titled “Cybersecurity in the Cognitive Era: Priming Your Digital Immune System.” The report provides insights gleaned from a study of over 700 security leaders from across the globe and seeks to uncover the security challenges organizations face, all while shedding light on how to address them. The study also evaluated the impact of cognitive security solutions and gauged the industry’s current level of readiness for the oncoming cognitive era.

The study identified three main gaps that cognitive solutions might fill to improve an organization’s security posture: a speed gap to significantly improve incident response times, an intelligence gap to improve detection and incident response decision-making capabilities, and an accuracy gap to provide increased confidence to discriminate between events and true incidents.

A Short Primer on Cognitive Security

“Cognitive computing has the ability to tap into and make sense of security data that has previously been dark to an organization’s defenses, enabling security analysts to gain new insights and respond to threats with greater confidence at scale and speed,” wrote Marc van Zadelhoff in a previous article.

According to an IBM cognitive security white paper, this type of security is “characterized by technology that is able to understand, reason and learn.” In short, it is about analyzing security trends, distilling enormous volumes of data into information and further refining it into knowledge that can be turned into action.

The Incident Response Speed Gap

Respondents to the IBV study identified the speed gap as the top security challenge. Forty-five percent ranked reducing average incident response and resolution time as the top challenge today, and 53 percent identified the same area as the top challenge for the next two to three years.

This is somewhat surprising given the fact that 80 percent of the survey participants indicated that their incident response speeds have improved by an average of 16 percent in the past two years. Additionally, 37 percent believe that cognitive security solutions will significantly improve this response time.

Reading between the lines, security leaders have been pushing their teams to improve incident reaction times, but they also realized that the current level of improvements are inadequate to keep up with the ever-increasing pace of attacks. For that 37 percent of security leaders, cognitive security offers a ray of hope.

A Skills Gap Too?

It’s no secret that the cybersecurity field faces a skills gap of enormous proportions. In fact, Forbes estimated that the skills gap has reached 209,000 unfilled positions in the U.S. Additionally, a Cisco report tallied 1 million unfilled positions worldwide, a situation that’s unlikely to change anytime soon given the large volume of senior and highly seasoned security professionals preparing to retire and the relatively small investment in recruiting bright young minds into cybersecurity education and, eventually, cybersecurity careers.

The good news is that cognitive security solutions can help maximize the current workforce by reducing the amount of time before an anomaly is detected. They can provide better context and background information to those tasked with analyzing incidents.

Superhuman Capabilities

According to the IBM Cognitive Security white paper, “a cognitive system comprehends and processes new information at a speed that far surpasses any human.” It also noted that “cognitive computing is driving transformational change by harnessing not just data, but meaning, knowledge, process flows and progression of activity at a lightning-fast speed and scope.”

The prospect of turning over more of our incident response processes to machines might bring chills to those tasked with responding to incidents and analyzing their severity and impact. However, the goal isn’t to replace humans, but to supplement their capabilities, much like an exosuit turns a human into a superhuman. Cognitive security solutions can accomplish in minutes what would take human analysts hours or even days.

Cognitive technology is still in its infancy. Those who get there first, however, will likely reap a significant competitive advantage over those who take a wait-and-see approach. As the saying goes, you don’t have to run faster than the bear — you just have to run faster than the guy behind you. Can your business truly afford to take a wait-and-see approach?

Read the full IBM Report on cybersecurity in the cognitive era

More from Artificial Intelligence

Data Privacy: How the Growing Field of Regulations Impacts Businesses

The proposed rules over artificial intelligence (AI) in the European Union (EU) are a harbinger of things to come. Data privacy laws are becoming more complex and growing in number and relevance. So, businesses that seek to become — and stay — compliant must find a solution that can do more than just respond to current challenges. Take a look at upcoming trends when it comes to data privacy regulations and how to follow them. Today's AI Solutions On April…

Tackling Today’s Attacks and Preparing for Tomorrow’s Threats: A Leader in 2022 Gartner® Magic Quadrant™ for SIEM

Get the latest on IBM Security QRadar SIEM, recognized as a Leader in the 2022 Gartner Magic Quadrant. As I talk to security leaders across the globe, four main themes teams constantly struggle to keep up with are: The ever-evolving and increasing threat landscape Access to and retaining skilled security analysts Learning and managing increasingly complex IT environments and subsequent security tooling The ability to act on the insights from their security tools including security information and event management software…

4 Ways AI Capabilities Transform Security

Many industries have had to tighten belts in the "new normal". In cybersecurity, artificial intelligence (AI) can help.   Every day of the new normal we learn how the pandemic sped up digital transformation, as reflected in the new opportunities and new risks. For many, organizational complexity and legacy infrastructure and support processes are the leading barriers to the effectiveness of their security.   Adding to the dynamics, short-handed teams are overwhelmed with too much data from disparate sources and…

What’s New in the 2022 Cost of a Data Breach Report

The average cost of a data breach reached an all-time high of $4.35 million this year, according to newly published 2022 Cost of a Data Breach Report, an increase of 2.6% from a year ago and 12.7% since 2020. New research in this year’s report also reveals for the first time that 83% of organizations in the study have experienced more than one data breach and just 17% said this was their first data breach. And at a time when…