If asked to name the current hottest topic in the IT industry, few people would answer anything but artificial intelligence (AI).
In less than 12 months, AI has evolved from a technology understood only by IT professionals to a tool used by everyone from schoolchildren to writers, coders, and artists.
Developments in AI are also having a significant impact when it comes to cybersecurity. AI-enabled tools are helping security teams by rapidly identify threats such as zero-day malware, APTs, malware-less attacks, and hacking attempts.
Also, recent advances in computing power and cloud-based processing are helping to make AI-powered security tools much more accessible. They no longer require large numbers of high-end servers to function, as was the case even just a few years ago.
Increasing AI integration
Growing numbers of organisations are integrating AI tools with existing security measures such as antivirus protection, data-loss prevention, fraud detection, identity and access management, and intrusion detection.
AI is able to analyse the large volumes of data generated by these tools much more quickly than a team of humans could. This is because AI excels at tasks such as:
- Detection: AI tools can detect attacks more quickly and accurately than humans. The tools create fewer false-positive results and can prioritise responses based on real-world risks without requiring human intervention.
- Analysis: The tools can trawl through large volumes of data and alert security teams about incidents that require additional attention. This means teams are much better placed to respond quickly to an attack and limit its impact.
- Probing: AI tools can also be used to constantly probe the security defences protecting critical assets to identify weaknesses before hackers can take advantage of them.
Having this intelligence capability in place gives security teams a significant edge in preventing future attacks and responding quickly should one take place.
The impact of AI on the cost of cyberattacks
Interestingly, according to the 2023 IBM Cost of a Data Breach report, AI and automation have the biggest impact on the speed of breach identification and containment by security teams. According to the report, those organisations that make extensive use of both AI and automation experienced a data breach lifecycle that was 108 days shorter than those that did not.
According to the same report, organisations with extensive use of security AI and automation tools demonstrated the highest cost savings comparatively, with an average cost of a data breach at $US3.60 million. This is $US1.76 million less and a 39.3% difference compared to those who did not use such tools.
Time and salary savings
It should be remembered, however, that the economic impact of cybersecurity incidents doesn’t end with incident costs. According to recent research by Morgan Stanley Research, an average security analyst spends between 20% and 40% of their time on automatable tasks. These include reporting, alert summarisation, patch management, and log monitoring and analysis.
The company estimated the global cyber workforce currently comprises approximately 4.7 million professionals, and the median global salary is $US80,000, which means the median global cyber personnel spend is approximately $US374 billion. Assuming that 30% of this workflow can be automated, there is the potential for approximately $112 billion in cost savings annually.
The role of managed services
While AI-enabled tools can deliver significant benefits to organisations and their security teams, they still require human experts to deploy and manage them. In many cases, this is proving challenging as the IT industry continues to experience a significant shortage of qualified and experienced candidates.
The challenge actually represents a significant and growing opportunity for managed service providers (MSPs) that can leverage automation and AI to help them deliver effective cybersecurity services.
Cybersecurity remains a complex and ever-changing field. For this reason, it can make business sense for an organisation to outsource its cybersecurity requirements to a suitable MSP that is taking advantage of AI and automation to deliver the most effective protective measures possible.
AI will continue to evolve and provide support for security teams in new ways. By harnessing them internally or taking advantage of services provided by a qualified MSP, organisations can be sure they have the best possible protective measures in place.