According to new Computing Delta research, IT leaders are cautiously welcoming towards AI-enhanced security tools. Most agree that some sort of machine learning is necessary to counter the increasing use of automation by attackers, the rate at which new threats are emerging, and the spread of the attack surface into the cloud and out to the edge.
However, they are wary about the claims by security vendors, in part because the effectiveness of AI is hard to prove.
In a study among 130 IT leaders who had deployed or who were trialling AI-enhanced security solutions, only 11 per cent said AI/ML had completely revolutionised their vendors' security solutions. Much more common was the attitude that a fair amount of progress has been made but there is some hype involved (61 per cent), while 20 per cent felt that the actual implementation is still lacking.
That said, the number of naysayers was small with just one per cent dismissing the field as "all hype".
In part, the IT leaders' caution is down to the cost of the products. The AI label can add significantly to the price tag, and some were unsure whether this was justified.
"It's just a SIEM with AI bolted on the side as far as I can work out," said an IT and security manager in insurance. "They want you to think this is something you plug in and it talks to your firewalls and talks to your endpoints and writes rules as you go. It's not going to do that."
"I'd say ‘AI-enhanced' means a synchronised system analysing logs or behaviours, but mainly it's a fancy word to sell products," added an IT director at a firm of architects.
However, most of the IT leaders we spoke to believed that AI is the future and that while the current market is immature, they would be certainly be looking for machine learning capabilities when purchasing new cyber security products.
"Based on the proof-of-concept that we are running right now, I would say we're a little more optimistic [about being able to protect against advanced threats]," said a director of technology in the public sector.
"I want something that's able to look at a human, at what a human is doing," said the IT and security manager in insurance.
AI-enhanced security solutions will be a topic under discussion on Thursday June 18th at our virtual Deskflix event: Cybersecurity: new threats, new approaches.
The holy grail of I&AM is to actually improve the user experience while making the business more secure, but most organisations are a long way from that
Post Quantum's Classic McEliece algorithm is the only remaining contender in the code-based category of algorithms designed to protect communications from attacks using quantum computers
Cloud-based threat intelligence is the only way to keep ahead of the bad guys, says Check Point's Eddie Doyle