While many had hoped that along with the rise of cloud computing would come a more simple era of enterprise computing. In some ways, it has. With software as a service enterprise no longer have to contend with managing the infrastructure to support so many applications. With infrastructure as a service enterprises can cut the amount of infrastructure they must manage. It’s reduced the amount of infrastructure and applications that must be directly protected, patched, and maintained. But the era of more simple computing never arose.
As is most often the case when something becomes less costly and simpler to manage we find more ways of using it and use more of it. As a result, today more lines of business are deploying cloud on their own, outside the purview of IT. The result is that there are more apps in more locations with more data and identities and credentials that need protecting. And rather than workloads being predominately in one datacenter, they are on different public and provide cloud platforms.
Sure, cloud as simplified some things, but it’s also complicated some things. Other ways complexity has grown includes the rise of mobile devices, the internet of things, and the rapid digitization of nearly every business process that can be digitized. Additional reasons according to the survey, include the IT security gap and the lack of visibility into what every user and device is doing while connected to the IT infrastructure (both came in at 49 percent of respondents).
The result is the management and security of business-technology systems has grown more complex, not less. And enterprise IT managers and security professionals need every bit of help they can get. Fortunately, there is some help on the way in the form of machine learning and artificial intelligence.
According to a recent Ponemon survey, a healthy percentage of enterprises are using some form of AI in their security products today. To be exact, the survey found that twenty-five percent of respondents said they currently use some form of an AI-based security solution, with another 26 percent stating they plan on deploying these types of products within the next 12 months.
This survey, Closing the IT Security Gap with Automation & AI in the Era of IoT, surveyed 4,000 security and IT professionals across the Americas, Europe and Asia.
Consider IoT security. The Ponemon survey identified an important weakness in their IT security program is their lack of ability to spot attacks that use IT devices as the launch point. According to the survey, about three-fourths of respondents stated that their IoT devices are not security.
Also, 55 percent of respondents cited the hazy IT perimeter today — that includes IoT, BYOD, mobile, and cloud initiatives — as increasingly difficult. The research also found that the majority of respondents agree that AI-enhanced security products and services will reduce false alerts (68 percent), increase their team’s effectiveness (63 percent), provide greater investigation efficiencies (60 percent), advance their ability to more quickly discover and respond to stealthy attacks that have evaded perimeter defense systems (56 percent).
The report also found that compromised legitimate users are considered the greatest risk by respondents. And that the IT security gap leaves the IT infrastructure vulnerable to attack. “Only 38 percent of respondents are confident that attacks inside the IT infrastructure can be detected before they cause a cybersecurity breach, resulting in data stolen, modified or viewed by unauthorized entities. Fifty-one percent of respondents say attacks that have reached inside the network have the potential to do the greatest damage,” the report stated.
As we covered in our post earlier this summer, As Cloud, Cybersecurity Grow
More Complex, Enterprises Lean on AI we predicted this would be the
outcome there are many areas where AI can be a direct help to enterprise security efforts, including helping to better model their architecture and defenses. And analysts will be able to more readily defend their systems based on the most vulnerable choke points, the business value of data, regulatory controls, and similar factors. Another area is how machine learning and AI can enhance malware detection. All of this means AI will help enterprises better cut through those alerts and false positives and conduct more rapid and effective investigations and, hopefully, more effectively stop adversaries form having as many successful attacks.