The Benefits of Using AI in Cybersecurity

At a time when security teams are feeling overwhelmed with a wide range of issues ranging from legacy infrastructure and data overload to a lack of skills and fewer resources, IBM research shows that forward-thinking businesses are turning to Artificial Intelligence (AI) and automation to support security operations and address cybersecurity challenges.

The Role of AI in Cybersecurity

The rapid rise of hybrid and multi-cloud architecture has meant increasingly complex, interconnected technologies that offer a much larger attack surface for cybercriminals to exploit. Gaining visibility and control over this expanded surface and the entire IT ecosystem to stay in front of cyberthreats is extremely difficult without AI and automation in place to support protection, prevention, detection and response processes.

AI-powered cybersecurity solutions like Cognitive security with IBM Watson, IBM Security MaaS360 Advisor with Watson, and the IBM Security SOAR platform have several features which can transform an enterprise’s security operations, including:

Automation – handles repetitive tasks to free up time and resources, reduces threat volume, and enables faster prevention.

Machine Learning (ML) – analyses data and interprets patterns and structures for enhanced learning, reasoning, and decision-making.

Natural language processing (NLP) – empowers a new kind of learning, where machines don’t just collect data, they get smarter, which can then be used to augment human intelligence and improve threat intelligence.

Reasoning tools – find important insights and connections that a human operator may miss, enabling security operations centres (SOCs) to quickly respond to and shut down any existing security breaches and predict possible breaches in the future.

The AI Difference

AI features like continuous learning, the ability to make sense of vast volumes of data, analyse relationships between cyberthreats in seconds, and provide curated risk analysis are invaluable in helping organisations become more agile and effective at threat management and take the pressure off overburdened security teams.

Continuous verification of a user based on behavioural biometrics is also possible with AI-powered solutions, which is essential when trying to secure a remote or hybrid workforce on a range of potentially unsecured devices. Security teams can evaluate the risk of a specific user for a specific session. If the risk is low, they can choose not to subject the user to multiple passwords. On the other hand, if the risk is high, they can prompt the user for a password or even Two-Factor Authentication (2FA).

IBM Security’s Chief Technology Officer (CTO), Sridhar Muppidi, recently shared his vision of the future role of AI in cybersecurity, stating:

“We have a lot more to learn and evolve the maturity of AI in the next few decades to come. While the possibilities are endless, my vision is for AI to develop secure applications by default so that they are not as vulnerable and to reduce the number of breaches in the industry. I believe IBM is well-poised to not only help with secure application development but also secure data across hybrid cloud, as well as secure infrastructure.”