Accelerating Cyber Threat Detection with IBM AI Assistant
IBM has introduced a new Cybersecurity Assistant for its Threat Detection and Response (TDR) Services powered by generative AI (Gen AI).
Built in collaboration with IBM Research, the tool is designed to accelerate and improve the investigation and response to critical security threats. It’s built on IBM’s watsonx data and AI platform and is designed to empower security analysts and streamline security operations for clients.
In addition to being included in IBM Consulting’s threat detection and response practice, the Cybersecurity Assistant will be part of IBM Consulting Advantage. This is an AI services platform with purpose-built AI assets designed to empower IBM consultants to deliver excellent value for clients.
Integrating AI
The news comes shortly after IBM released its Cost of a Data Breach Report, which found 51% of business leaders were concerned with rising security vulnerabilities amid the cyber threat landscape growing more complex.
As cyber incidents continue to evolve to be increasingly multi-dimensional, security teams across multiple businesses are having to confront numerous attacks. Mark Hughes, Global Managing Partner of Cybersecurity Services at IBM Consulting explains that this ferocity leaves businesses without enough time or people to defend against threats.
“By enhancing our Threat Detection and Response services with Gen AI, we can reduce manual investigations and operational tasks for security analysts, empowering them to respond more proactively and precisely to critical threats, and helping to improve overall security posture for clients,” he says.
IBM TDR Services are designed to automatically escalate or close up to 85% of alerts. Now, the service will harness existing AI and automation capabilities alongside new Gen AI and speed up the investigation of the remaining alerts requiring action.
The new capabilities in particular have, according to the tech giant, reduced alert investigation times by 48% for one client already.
- Accelerate threat investigations and remediation with historical correlation analysis
- Streamlined operational tasks with an advanced conversational engine
- Access to a timeline view of attack sequences for greater context
- A Gen AI conversational engine providing real-time insights and operational task support, including opening or summarising tickets
Built into IBM's TDR Services, the new capability cross-correlates alerts and enhances insights from SIEM, network, EDR, vulnerability and telemetry to provide an integrative threat management approach.
By analysing patterns of historical, client-specific threat activity, security analysts will be equipped to be more proactive and precise. The assistant will also recommend actions based on historical activity patterns to help reduce the dwell time of attackers, in addition to helping teams continuously learn from investigations.
Advancing threat intelligence
The Cybersecurity Assistant's speed and accuracy is expected to improve over time. By explaining complex security events and commands, the TDR Service can help reduce noise and boost overall efficiency for clients.
“With IBM's advancements to its managed security services, businesses can gain a new level of insight into critical threats and benefit from technology that continuously learns from actions taken within their specific environment. This helps drive a cycle of increasingly accurate and rapid threat investigations, which is especially crucial today as businesses face a shortage of security resources and surplus in security risks and vulnerabilities.”
IBM has recently renewed its commitment to data governance to provide a safer foundation for global AI growth. Having co-created the Data Provenance Standards with multiple other organisations, the company seeks to place trust at the heart of its work as it seeks to improve responsible AI systems.
Its overall strategy holds strong enterprise data standards and governance practices as it advocates for enterprise responsibility.
******
Make sure you check out the latest edition of Technology Magazine and also sign up to our global conference series - Tech & AI LIVE 2024
******
Technology Magazine is a BizClik brand