The number one challenge for security leaders today is reducing average incident response and resolution times.” — IBM IBV Cognitive Security Report

In November, IBM’s Institute for Business Value (IBV) released a report titled “Cybersecurity in the Cognitive Era: Priming Your Digital Immune System.” The report provides insights gleaned from a study of over 700 security leaders from across the globe and seeks to uncover the security challenges organizations face, all while shedding light on how to address them. The study also evaluated the impact of cognitive security solutions and gauged the industry’s current level of readiness for the oncoming cognitive era.

The study identified three main gaps that cognitive solutions might fill to improve an organization’s security posture: a speed gap to significantly improve incident response times, an intelligence gap to improve detection and incident response decision-making capabilities, and an accuracy gap to provide increased confidence to discriminate between events and true incidents.

A Short Primer on Cognitive Security

“Cognitive computing has the ability to tap into and make sense of security data that has previously been dark to an organization’s defenses, enabling security analysts to gain new insights and respond to threats with greater confidence at scale and speed,” wrote Marc van Zadelhoff in a previous article.

According to an IBM cognitive security white paper, this type of security is “characterized by technology that is able to understand, reason and learn.” In short, it is about analyzing security trends, distilling enormous volumes of data into information and further refining it into knowledge that can be turned into action.

The Incident Response Speed Gap

Respondents to the IBV study identified the speed gap as the top security challenge. Forty-five percent ranked reducing average incident response and resolution time as the top challenge today, and 53 percent identified the same area as the top challenge for the next two to three years.

This is somewhat surprising given the fact that 80 percent of the survey participants indicated that their incident response speeds have improved by an average of 16 percent in the past two years. Additionally, 37 percent believe that cognitive security solutions will significantly improve this response time.

Reading between the lines, security leaders have been pushing their teams to improve incident reaction times, but they also realized that the current level of improvements are inadequate to keep up with the ever-increasing pace of attacks. For that 37 percent of security leaders, cognitive security offers a ray of hope.

A Skills Gap Too?

It’s no secret that the cybersecurity field faces a skills gap of enormous proportions. In fact, Forbes estimated that the skills gap has reached 209,000 unfilled positions in the U.S. Additionally, a Cisco report tallied 1 million unfilled positions worldwide, a situation that’s unlikely to change anytime soon given the large volume of senior and highly seasoned security professionals preparing to retire and the relatively small investment in recruiting bright young minds into cybersecurity education and, eventually, cybersecurity careers.

The good news is that cognitive security solutions can help maximize the current workforce by reducing the amount of time before an anomaly is detected. They can provide better context and background information to those tasked with analyzing incidents.

Superhuman Capabilities

According to the IBM Cognitive Security white paper, “a cognitive system comprehends and processes new information at a speed that far surpasses any human.” It also noted that “cognitive computing is driving transformational change by harnessing not just data, but meaning, knowledge, process flows and progression of activity at a lightning-fast speed and scope.”

The prospect of turning over more of our incident response processes to machines might bring chills to those tasked with responding to incidents and analyzing their severity and impact. However, the goal isn’t to replace humans, but to supplement their capabilities, much like an exosuit turns a human into a superhuman. Cognitive security solutions can accomplish in minutes what would take human analysts hours or even days.

Cognitive technology is still in its infancy. Those who get there first, however, will likely reap a significant competitive advantage over those who take a wait-and-see approach. As the saying goes, you don’t have to run faster than the bear — you just have to run faster than the guy behind you. Can your business truly afford to take a wait-and-see approach?

Read the full IBM Report on cybersecurity in the cognitive era

More from Artificial Intelligence

Generative AI security requires a solid framework

4 min read - How many companies intentionally refuse to use AI to get their work done faster and more efficiently? Probably none: the advantages of AI are too great to deny.The benefits AI models offer to organizations are undeniable, especially for optimizing critical operations and outputs. However, generative AI also comes with risk. According to the IBM Institute for Business Value, 96% of executives say adopting generative AI makes a security breach likely in their organization within the next three years.CISA Director Jen…

Self-replicating Morris II worm targets AI email assistants

4 min read - The proliferation of generative artificial intelligence (gen AI) email assistants such as OpenAI’s GPT-3 and Google’s Smart Compose has revolutionized communication workflows. Unfortunately, it has also introduced novel attack vectors for cyber criminals. Leveraging recent advancements in AI and natural language processing, malicious actors can exploit vulnerabilities in gen AI systems to orchestrate sophisticated cyberattacks with far-reaching consequences. Recent studies have uncovered the insidious capabilities of self-replicating malware, exemplified by the “Morris II” strain created by researchers. How the Morris…

Open source, open risks: The growing dangers of unregulated generative AI

3 min read - While mainstream generative AI models have built-in safety barriers, open-source alternatives have no such restrictions. Here’s what that means for cyber crime.There’s little doubt that open-source is the future of software. According to the 2024 State of Open Source Report, over two-thirds of businesses increased their use of open-source software in the last year.Generative AI is no exception. The number of developers contributing to open-source projects on GitHub and other platforms is soaring. Organizations are investing billions in generative AI…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today