Businesses Are Banking On AI To Combat Cyber Threats, Says Study
Two thirds (69%) of organizations acknowledge that they will not be able to respond to critical threats without AI. Today, the number of end-user devices, networks, and user interfaces are growing. Thanks to advances in the cloud, IoT, 5G and conversational interface technologies. Hence, organizations face an urgent need to continually ramp up and improve their cybersecurity.
The study surveyed 850 senior IT executives from IT information security, cybersecurity and IT operations across 10 countries and seven business sectors. It also conducted in-depth interviews with industry experts, cybersecurity startups and academics.
AI-enabled cybersecurity is now an imperative
Over half (56%) of executives say their cybersecurity analysts are overwhelmed by the vast array of data points they need to monitor to detect and prevent intrusion. In addition, the type of cyber attacks that require immediate intervention, or that cannot be remediated quickly enough by cyber analysts, have notably increased, including:
· cyber attacks affecting time-sensitive applications (42% saying they had gone up, by an average of 16%).
· automated, machine-speed attacks that mutate at a pace that cannot be neutralized through traditional response systems (43% reported an increase, by an average of 15%).
Facing these new threats, a clear majority of companies (69%) believe they will not be able to respond to cyber attacks without the use of AI, while 61% say they need AI to identify critical threats. One in five executives experienced a cybersecurity breach in 2018, 20% of which cost their organization over $50m.
Executives are accelerating AI investment in cybersecurity
A clear majority of executives accept that AI is fundamental to the future of cybersecurity:
Nearly two-thirds or 64% said it lowers the cost of detecting breaches and responding to them – by an average of 12%. And three-fourths 74% said it enables a faster response time: reducing time taken to detect threats, remedy breaches and implement patches by 12%.
Sixty-nine percent also said AI improves the accuracy of detecting breaches, and 60% said it increases the efficiency of cybersecurity analysts, reducing the time they spend analyzing false positives and improving productivity.
Accordingly, almost half (48%) said that budgets for AI in cybersecurity will increase in FY-2020 by nearly a third (29%). In terms of deployment, 73% are testing use cases for AI in cybersecurity. Only one in five organizations used AI pre-2019 but adoption is poised to skyrocket: almost two out of three (63%) organizations plan to deploy AI by 2020 to bolster their defenses.
The study shows respondents believe that AI offers huge opportunities for cybersecurity, because you move from detection, manual reaction and remediation towards an automated remediation, which organizations would like to achieve in the next three or five years.”
India-specific figures are optimistic
Organizations are counting on AI to help overwhelmed cybersecurity analysts, said the study. Nearly 63 % Indian executive in the survey agreed that they will not be able to identify critical threats without AI. Nearly one-third of Indian executive mentioned that they are not able to successfully investigate all the incidents identified by the security tools
The study shows that India implements AI highest in Endpoints security is the highest at 71% as compared to the other countries which is only 68% whereas the use of AI in Data security is the lowest at only 55% vis-a-vis other countries at 71%
However, there are significant barriers to implementing AI at scale
The number-one challenge for implementing AI for cybersecurity is a lack of understanding of how to scale use cases from proof of concept to full-scale deployment. 69% of those surveyed admitted that they struggled in this area.
Geert van der Linden, Cybersecurity Business Lead at Capgemini Group says, “Organizations are facing an unparalleled volume and complexity of cyber threats. Hence, they have woken up to the importance of AI as the first line of defense. As cybersecurity analysts are overwhelmed, close to a quarter of them declaring they are not able to successfully investigate all identified incidents, it is critical for organizations to increase investment and focus on the business benefits that AI can bring in terms of bolstering their cybersecurity.”
Additionally, half of surveyed organizations cited integration challenges with their current infrastructure, data systems, and application landscapes. The majority of executives say they know what they want to achieve from AI in cybersecurity. But, only half (54%) have identified the data sets required to operationalize AI algorithms.
Anne-Laure Thieullent, AI and Analytics Group Offer Leader at Capgemini mentions, “Organizations must first look to address the underlying implementation challenges that are preventing AI from reaching its full potential for cybersecurity. This means creating a roadmap to address key barriers and focusing on use cases that can be scaled most easily and deliver the best return.”
“Only by taking these steps can organizations equip themselves for the rapidly evolving threat of cyber attacks. By doing so, they will save themselves money, and reduce the likelihood of a devastating data breach,” concludes Thieullent.