According to new Computing Delta research, IT leaders are cautiously welcoming towards AI-enhanced security tools. Most agree that some sort of machine learning is necessary to counter the increasing use of automation by attackers, the rate at which new threats are emerging, and the spread of the attack surface into the cloud and out to the edge.
However, they are wary about the claims by security vendors, in part because the effectiveness of AI is hard to prove.
In a study among 130 IT leaders who had deployed or who were trialling AI-enhanced security solutions, only 11 per cent said AI/ML had completely revolutionised their vendors' security solutions. Much more common was the attitude that a fair amount of progress has been made but there is some hype involved (61 per cent), while 20 per cent felt that the actual implementation is still lacking.
That said, the number of naysayers was small with just one per cent dismissing the field as "all hype".
In part, the IT leaders' caution is down to the cost of the products. The AI label can add significantly to the price tag, and some were unsure whether this was justified.
"It's just a SIEM with AI bolted on the side as far as I can work out," said an IT and security manager in insurance. "They want you to think this is something you plug in and it talks to your firewalls and talks to your endpoints and writes rules as you go. It's not going to do that."
"I'd say ‘AI-enhanced' means a synchronised system analysing logs or behaviours, but mainly it's a fancy word to sell products," added an IT director at a firm of architects.
However, most of the IT leaders we spoke to believed that AI is the future and that while the current market is immature, they would be certainly be looking for machine learning capabilities when purchasing new cyber security products.
"Based on the proof-of-concept that we are running right now, I would say we're a little more optimistic [about being able to protect against advanced threats]," said a director of technology in the public sector.
"I want something that's able to look at a human, at what a human is doing," said the IT and security manager in insurance.
AI-enhanced security solutions will be a topic under discussion on Thursday June 18th at our virtual Deskflix event: Cybersecurity: new threats, new approaches.
Identity management underwent dramatic changes following the coronavirus pandemic - including the leading vendors' positions
If the responsibilities of CSP and customers are not well understood, the risks to security are obvious
Dave Palmer, co-founder of Darktrace, discusses security risks to organisations, and describes how he felt when he heard that his organisation had won one of the coveted gongs at the UK IT Industry Awards 2020
Security firm iboss is disrupting the traditional VPN approach and enabling customers to access applications directly
The holy grail of I&AM is to actually improve the user experience while making the business more secure, but most organisations are a long way from that