People go glassy-eyed very quickly when confronted with the huge amounts of log data and alerts produced by today’s systems. AI software running on today’s powerful processors can zip through more data in minutes than humans could tackle in months and list problems and anomalies immediately.
Cyber criminals are already inside many systems, waiting for the right moment to complete their attacks. They can often hide from humans. On the other hand, AI can rapidly analyse swathes of situations and behaviours to spot the threat needles that correspond to malicious activity.
AI can speed up detection of genuine problems, rapidly cross-referencing different alerts and sources of security data. Human cyber security experts will still make the calls on the priorities of the incidents to be handled but can be further helped by AI systems that automatically suggest plans for optimizing responses.
Sorry, but cyber criminals have probably got there before you. AI, like technology in general, can be used for good or bad. Hackers have no scruples about using the latest tools to launch more attacks, each one more dangerous than the last. It’s an arms race of AI versus AI, and you need to keep up.
Humans excel in using their imagination, experience, and judgment to put better security strategies in place and improve overall security posture. That is, if they are not being swamped out by alerts and incidents. With AI supporting them, however, they can get back to what they do best.
A set of socket wrenches is not attractive. By itself, it won’t mend a car either. But in the hands of a skilled mechanic, there is little that cannot be repaired or improved. That is largely the situation with AI today. It won’t replace human security engineers neither can it handle cybersecurity on its own. However, it is now a critical tool for getting on top of cyber security, managing the volumes of threat data for better detection and response and keeping cyber defences high enough to repel or evict attackers before any serious damage can be done.