Four best practices for AI-powered cybersecurity
Artificial intelligence (AI) has achieved a prevalence across business functions in the last few years. Now, hackers are following suit. Today, cybercriminals can deploy AI to boost the success of many of their attacks. For example, they can use AI to spot patterns in user behavior, which hackers can take advantage of, or deploy it to identify new network vulnerabilities. As well as giving criminals improved accuracy, AI also works at immense speed, in real-time.
To combat these threats, cybersecurity teams need to be one step ahead. But this is no easy task. It’s been well-documented that today’s cybersecurity analysts are overwhelmed by the vast number of data and endpoints they need to monitor. Plus, there is a huge skills gap within the sector. (ISC)2 shows there were 3.12 million cybersecurity vacancies in 2020. To fill all of these, employee numbers would need to increase by a startling 89%.
How AI can improve cybersecurity
To combat new-age, intelligent attacks, while also relieving the burden on cybersecurity teams, AI is a must-have tool. We that 75% of executives say deploying AI allows their organization to respond faster to breaches, while three in five say it improves the accuracy and efficiency of analysts.
Despite the benefits, many companies struggle to successfully implement AI, particularly when it comes to scaling up pilots for enterprise-wide use.
To help organizations with successful deployment, four of the best practices are detailed here:
Selecting how you will use AI and who will oversee it is instrumental for a return on investment. A strategy needs to be laid out for AI deployment, taking into consideration governance mechanisms. For example, cybersecurity leaders need to define roles and responsibilities for cyber analysts, and assign ownership over who will monitor AI algorithm output to ensure any anomalies are caught and fixed.
It’s also important to select the right use cases for implementation, and review and expand these on an ongoing basis. To begin, cybersecurity leaders should choose AI programs that are less complex to implement but have high rewards, such as malware or intrusion detection. It’s also best to deploy use cases where the datasets are complete and up to date.
Harness the power of your data
AI is only as successful as the data you feed it. To be effective, organizations need to ensure that AI has full visibility into the enterprise’s infrastructure, data systems and application landscapes.
As well as this, data must be kept current for consistent high-quality output. This is where a data platform comes in. Organizations can either buy a ready-made platform to feed their information into, or build one internally. This platform must be reviewed and tweaked on an ongoing basis to make sure the AI tool is receiving adequate information.
Soar with SOAR
Security orchestration, automation and response (SOAR) are technologies that allow organizations to collect security data and alerts from different sources. SOAR supports incident analysis and triage by leveraging a combination of human and machine power. For AI deployment, these tools are essential in helping analysts define, prioritize and drive incident response activities through connections to data sources and platforms.
Upskill your teams
Deploying and harnessing the power of AI relies on a skilled team that understands the insights it generates and can take appropriate action where needed. Consequently, it’s paramount to upskill cybersecurity teams so that they understand AI processes and alerts. It can also be helpful to create user-friendly, intuitive interfaces for AI tools, to help cybersecurity teams interact with the technology without needing intense training.
AI’s potential to supercharge cybersecurity operations must be harnessed. As attack surfaces continue to grow and hackers become more advanced, the technology will become an additional teammate to cybersecurity teams in the security operations center. To ensure that investments provide an ROI and are accurate, it is vital that cybersecurity leaders deploy AI strategically, ensuring that they are giving both the tool and their teams the right information they need.
By Geert van der Linden, Executive Vice President of Cybersecurity at Capgemini
Searching for the Top 100 Leaders in Technology
The search is on for the Top 100 Leaders in Technology 2021 – nominated by readers of Technology magazine and open to all.
The initiative has been launched and nominations are now open, with the final, prestigious Top 100 due to be announced during Technology and AI LIVE running 14-16 September, beamed from London to the world.
This latest, definitive list of the leading executives and influencers in the industry will be announced at the event and shared across social media channels, this website, and presented in a special supplement that honours all of those named in our annual list.
The Top 100 Leaders follows on from the well-received Top 100 Women in Technology that BizClik Media Group (BMG) – publishers of Technology magazine, AI magazine and a growing portfolio of industry-leading titles – produced in March this year to coincide with International Women’s Day.
“The Top 100 Women recognised the incredible and influential women driving our industry,” says Scott Birch, editorial director, BMG. “The success of that initiative encouraged us to recognise the Top 100 Leaders – individuals championing everything that we love about technology and embracing best practice that’s good for business.”
Nominations are already coming in, with some notable highlights including:
Rhonda Vetere - Herbalife
Bryan Smith - Expedient
Nominate your Top 100 Leader HERE
The deadline for nominations closes on Sunday 1 August 2021, and it is free to nominate. The Top 100 Leaders will be announced across our platforms and at the LIVE event.