The Reality of AI in Cyber Security
The perception that artificial intelligence (AI) can serve as a "silver bullet" against a developing threat landscape is rooted in the ongoing quest to find technologies that will automate threat detection and response without the need for human intervention. Capgemini reported that 69% of enterprise executives surveyed felt AI is essential for responding to cyber threats in a report on AI and cyber security last year. However, despite its promise, AI within cyber security should be approached with a discerning eye.
The Limitations of AI
There is a tendency to believe that artificial intelligence can solve all problems associated with enterprise security programmes. While there is a lot to gain from AI, there is a danger that companies are overly optimistic about exactly what the technology can deliver. When leveraged for the right use cases, AI has the power to move security teams away from the never-ending cycle of ‘detect – respond – remediate – reprogramme’, towards an approach to security that is more proactive, effective, and less like a game of ‘whack-a-mole’. But if companies invest in AI with the belief that it can fill the resource gap left unfilled by the ongoing cyber security skills crisis, then they are sorely mistaken.
Automation Generates Efficiencies, AI Creates Resource Drain
AI shouldn’t be used to paper over the cracks. It will struggle to solve existing cyber security issues if the organisation deploying the technology isn’t set up with flawless foundational security. At a time when budgets are under great scrutiny as companies fight to ride out the recession, it is technology that can squarely be considered to be a ‘luxury’. Many of the problems that AI claims to fix persist, and experienced security analysts who can make impactful decisions with proper context and insights about their attack surface cannot yet be displaced by AI.
Automation Today, Artificial Intelligence Tomorrow
For now, don’t get misted by AI. As it stands, the concept of the technology doesn’t live up to the solutions that are currently on the market. It is, however, fully plausible that organisations will improve their foundational security, and AI technology will no doubt advance to a level where it can live up to its grand promises. This isn’t technology that should be outright dismissed – it will play a significant role in the future.
However, now is not the time for risky investments – both in terms of financial outlay and time. In the current environment, businesses need to look at how they can bolster their security posture in a real, grounded and valuable way. Context-aware automation is an answer for today, when resources are tight and complexity abounds.
Conclusion
In conclusion, while AI has the potential to revolutionize the way we approach cyber security, it is essential to be realistic about its limitations and capabilities. By leveraging automation and AI in a way that is grounded in reality, we can create a more proactive, effective, and efficient approach to security.
FAQs
- What is the current state of AI in cyber security?
AI is not yet living up to its grand promises, but it has the potential to revolutionize the way we approach cyber security in the future. - What are the limitations of AI in cyber security?
AI struggles to solve existing cyber security issues if the organisation deploying the technology isn’t set up with flawless foundational security, and it is not yet able to learn rapidly enough to keep pace with the breakneck speed at which malware evolves. - What is the future of AI in cyber security?
AI will play a significant role in the future of cyber security, but for now, context-aware automation is a more practical solution for organisations with limited resources and tight budgets.
Written by Peter Margaris, Head of Product Marketing at Skybox Security.
