Enabling Security and Resiliency Outcomes with Artificial Intelligence: GenAI Joins Predictive AI
This IDC Perspective discusses how IDC defines AI in cybersecurity. Combinations of artificial intelligence (AI) and machine learning (ML) have influenced the cybersecurity landscape for the better part of 15 years. What computers have always been able to do is make correlations among the bytes, files, hashes, and code that comprise a network. However, for all of the improvements in computing and years of refining algorithms, so much of operating the network and the cybersecurity software that protects it remains manually intensive.

After all of this time, recent developments in generative AI and, more specifically, ChatGPT are seemingly addressing the cybersecurity manpower gap. IDC calls it "autonomizing the SOC." The process of realizing a fully autonomous SOC involves several intermediary steps, but the new efficiencies in evidence are:

- The availability of enriched data at the time of the incident investigation
- The ability to generate an instantaneous response based on the type of attack, which is increasingly automated
- The implementation of analytics to discover unmanaged devices in the network
- The development of natural language processing (NLP) that enables threat hunting and security querying at the speed of speech

"In creating security outcomes, the hard work is not about the artificial intelligence but creating and enabling the security data foundations that will allow AI to create measurable benefits to IT professionals. Regardless, the cause for overall optimism is real," says Frank Dickson, group vice president, IDC Security and Trust.
Please Note: Extended description available upon request.
Executive Snapshot
Situation Overview
Defining Artificial Intelligence
Definitions
Artificial Intelligence as Applied to Security
User Behavioral Analytics — Somewhere Between Machine Learning and Artificial Intelligence
It's Not About the AI; It's About the Data
Data Framework Structures
Data Management
The Role of AI in Data Resilience
Data Curation
Concerns and Considerations in Leveraging AI
Present Limits to AI
Hallucinations and the Role of the Analyst
Data Security and Privacy Risks
To Presort with Labels or Without Labels Creates a Question of Privacy