Are organizations ready to embrace AI security mitigation?
As organizations continue to accumulate sensitive information, risks for high-cost breaches grow, and privacy regulations tighten, a robust data governance strategy is crucial.
A survey conducted by Alfresco Software with Dimensional Research reveals the evolving role of artificial intelligence (AI) on enterprise security, and survey findings point to AI playing a more dominant role in IT strategy.
The survey, completed in spring 2018, polled more than 300 information technology stakeholders at companies with 500 or more employees in the U.S. and U.K. to quantify experiences, challenges and trends in digital transformation. Key focus areas for the survey included AI and broader security topics.
Near-Unanimous Support for AI-Enhanced Security but Few Implementations
When it comes to security and the emerging role of AI, enterprises are looking to an AI-powered future that integrates machine learning and automated responses to attacks, with a high degree of trust and openness in AI technology.
The survey indicates that 78 percent of IT pros expect AI to play a role in security in the coming year. But for the time being, the role will be small, with 57 percent of respondents revealing that “AI will play a minor role in security as we figure it out” and only 21 percent claiming, “AI is mature and will play a significant role in security.”
More than half (53 percent) of respondents say that they “personally trust AI to mitigate security risks.” And nearly all respondents (99 percent) are open to AI taking independent security actions, but only 8 percent of firms are currently leveraging AI and machine learning to detect and act on security issues.
An AI-Powered Shift Is Imminent
International Data Corporation (IDC) forecasts AI spending will grow from $12 billion in 2017 to $57.6 billion in 2021. As industries continue to invest in projects that utilize AI and machine learning capabilities, the shift to AI-powered security is imminent.
So, what’s the hang up? It’s an adopter’s dilemma right now. Though there is a generally accepted willingness to use AI in security remediation, without successful use cases to point to, enterprises are in a “you try it first” mode. The perceived risk to experimenting with AI in security applications is high. And, while the algorithms for intrusion detection are sophisticated and widely used, no first-mover advantage has emerged for AI in security incident triage.
However, as cybersecurity risks and privacy regulations increase, enterprises must find new ways to manage growing volumes of sensitive content with fewer resources. This means freeing up human intelligence from mundane tasks such as combing through spreadsheets and system logs or patching minor disruptions. But which tasks are better suited for humans, and which are more efficient for machines?
The Future Is AI Security Triage
Identifying security exceptions, access anomalies or changes in usage patterns is accomplished effectively with AI. It’s one thing to detect an incident, but when does the response to that incident become automated? With AI detection a commodity, exception handling is where the solution becomes more elegant. Companies will begin to use deep learning networks to automate triage, allowing humans to focus on more complex or proactive security initiatives.
Actioning post-detection will be an important area of growth and innovation in AI security. Though firms demonstrate a readiness to take it on, automated triage is uncharted territory. Experiments with the AI applications in security are not deployed at scale yet. Enterprises need more examples of successful AI-powered security implementations for widespread adoption.
More Data Drives More Efficient Security Solutions
Data that is gathered must be carefully managed for both security and legal compliance, preventing the leakage of personally identifiable information (PII). Even the data from AI-driven security presents a tempting target for hackers and must be protected with enterprise IT strategies that store and manage data securely.
Content that is not properly identified, stored and protected is a potential liability. It becomes even more important for companies to have a clear understanding of how data and records are being retained and who within the organization can access them. Part of a robust IT strategy is protecting critical information, and the rise of AI-enabled security technologies will help every organization establish solid governance and efficiently manage risk.