Gartner believesArtificial Intelligence (AI) security will be a top strategic technology trend in 2020,and that enterprises must gain awareness of AI’s impact on the security space. However, many enterprise IT leaders still lack a comprehensive understanding of the technology and what the technology can realistically achieve today. It is important for leaders to question exasperated Marketing claims and over-hyped promises associated with AI so that there is no confusion as to the technology’s defining capabilities.
IT leaders should take a step back and consider if their company and team is at a high enough level of security maturity to adopt advanced technology such as AI successfully. The organization’s business goals and current focuses should align with the capabilities that AI can provide.Â
Astudy conducted by Widmeyerrevealed that IT executives in the U.S. believe that AI will significantly change security over the next several years, enabling IT teams to evolve their capabilities as quickly as their adversaries.Â
Of course, AI can enhance cybersecurity and increase effectiveness, but it cannot solve every threat and cannot replace live security analysts yet. Today, security teams use modern Machine Learning (ML) in conjunction with automation, to minimize false positives and increase productivity.
As adoption of AI in security continues to increase, it is critical that enterprise IT leaders face the current realities and misconceptions of AI, such as:
AI is not a solution; it is an enhancement. Many IT decision leaders mistakenly consider AI a silver bullet that can solve all their current IT security challenges without fully understanding how to use the technology and what its limitations are. We have seen AI reduce the complexity of the security analyst’s job by enabling automation, triggering the delivery of cyber incident context, and prioritizing fixes. Yet, security vendors continue to tout further, exasperated AI-enabled capabilities of their solution without being able to point to AI’s specific outcomes.
If Artificial Intelligence is identified as the key, standalone method for protecting an organization from cyberthreats, the overpromise of AI coupled with the inability to clearly identify its accomplishments, can have a very negative impact on the strength of an organization’s security program and on the reputation of the security leader. In this situation, Chief Information Security Officers (CISO) will, unfortunately, realize that AI has limitations and the technology alone is unable to deliver aspired results.
This is especially concerning given that 48% of enterprises say their budgets for AI in cybersecurity will increase by 29 percent this year,according to Capgemini.
We have seen progress surrounding AI in the security industry, such as the enhanced use of ML technology to recognize behaviors and find security anomalies.
