“To function effectively in this knowledge economy, you need to read through trillions of data points. You basically need to go back to school every day to answer the questions that hit your desk. That is the challenge of the knowledge economy. And that is where I believe we can do something different in security with AI and cognitive.” — Marc van Zadelhoff

At IBM InterConnect 2017, Marc van Zadelhoff, general manager of IBM Security, delivered a thought-provoking keynote titled “Watson & Cybersecurity: Bringing AI to the Battle.” With multiple demos and a client panel, the keynote exemplified how IBM is addressing today’s biggest challenges in cybersecurity with innovative cognitive technology.

Addressing Challenges With Cognitive Security

Opening with anecdotes across health care, financial services and law enforcement, Marc painted a picture of the global challenges practitioners face every day around data, insight and skill. His point hit home with the security crowd. When it comes to security analysts, these challenges are not too different, and they are often overlooked.

In a given day, an enterprise might see 200,000 security events. One security analyst might have to investigate as many as 40 incidents, each of which can take hours or days to complete. When you couple this with the industrywide skills gap and the amount of time and money wasted chasing false positives, you begin to see just how difficult the life of a security analyst is. It’s high stakes and high stress — and when a threat hits, people want answers fast.

Thinking Differently About Cybersecurity

As Marc stated, “It’s time to think differently.” During his keynote, he introduced Sandy Bird, chief technology officer (CTO) of IBM Security, and Mike Spisak, IBM master inventor, to show how IBM is thinking differently with Watson for Cyber Security.

Sandy and Mike showcased Watson’s corpus of knowledge, built on the IBM Cloud, ingesting millions of security documents and forming billions of security data elements — always learning and never forgetting. While Sandy played the role of a security analyst investigating a threat actor with IBM QRadar Advisor with Watson, Mike communicated with Project Hayvn, the second-screen application that performs research and generates reports on demand.

In minutes, Sandy and Mike were able to leverage Watson’s massive collection of security knowledge to identify the threat actor’s activity. They also added real-time insight from IBM X-Force Exchange through Hayvn’s natural language application program interfaces (APIs). With artificial intelligence at top of mind, it served as a literal illustration of human and machine working together to deliver unprecedented speed, accuracy and intelligence.

Watson Driving the Future of Cybersecurity

After seeing the art of the possible, the audience listened as three clients discussed with Marc how Watson was delivering real results in the security operations center (SOC). It was a multilayered conversation with clients from Russia, the U.K. and the U.S. covering today’s security challenges, innovations and the importance of minding security basics.

The primary focus was on the next era of cybersecurity and the role of cognitive technology. As Stanislav Kuznetsov, deputy chairman of the executive board at Sberbank, summarized, “I’m sure that cognitive technology like Watson is the new future for every cybersecurity system.”

An Ongoing Journey

With the IBM Security Immune System fully draped behind him, Marc wrapped up the keynote with a final message that the journey to cognitive is just beginning. IBM Security is committed to cognitive innovation, infusing artificial intelligence (AI) capabilities into the world’s largest and broadest security portfolio.

Marc subsequently announced that IBM MaaS360 with Watson, IBM’s unified endpoint management solution, now features cognitive insights. A livestreamed question-and-answer panel was recorded shortly after.

Learn More About Cognitive Security Analytics

More from Intelligence & Analytics

BlackCat (ALPHV) Ransomware Levels Up for Stealth, Speed and Exfiltration

9 min read - This blog was made possible through contributions from Kat Metrick, Kevin Henson, Agnes Ramos-Beauchamp, Thanassis Diogos, Diego Matos Martins and Joseph Spero. BlackCat ransomware, which was among the top ransomware families observed by IBM Security X-Force in 2022, according to the 2023 X-Force Threat Intelligence Index, continues to wreak havoc across organizations globally this year. BlackCat (a.k.a. ALPHV) ransomware affiliates' more recent attacks include targeting organizations in the healthcare, government, education, manufacturing and hospitality sectors. Reportedly, several of these incidents resulted…

9 min read

Despite Tech Layoffs, Cybersecurity Positions are Hiring

4 min read - It’s easy to read today’s headlines and think that now isn’t the best time to look for a job in the tech industry. However, that’s not necessarily true. When you read deeper into the stories and numbers, cybersecurity positions are still very much in demand. Cybersecurity professionals are landing jobs every day, and IT professionals from other roles may be able to transfer their skills into cybersecurity relatively easily. As cybersecurity continues to remain a top business priority, organizations will…

4 min read

79% of Cyber Pros Make Decisions Without Threat Intelligence

4 min read - In a recent report, 79% of security pros say they make decisions without adversary insights “at least the majority of the time.” Why aren’t companies effectively leveraging threat intelligence? And does the C-Suite know this is going on? It’s not unusual for attackers to stay concealed within an organization’s computer systems for extended periods of time. And if their methods and behavioral patterns are unfamiliar, they can cause significant harm before the security team even realizes a breach has occurred.…

4 min read

Why People Skills Matter as Much as Industry Experience

4 min read - As the project manager at a large tech company, I always went to Jim when I needed help. While others on my team had more technical expertise, Jim was easy to work with. He explained technical concepts in a way anyone could understand and patiently answered my seemingly endless questions. We spent many hours collaborating and brainstorming ideas about product features as well as new processes for the team. But Jim was especially valuable when I needed help with other…

4 min read