Faced with an onslaught of cyberthreats, today’s security teams must contend with a new operational reality.
Pandemic-accelerated digital transformation has led to more remote workers. More cloud users. More cloud providers. Essential systems integration across an ecosystem of partners. An astounding number of edge devices passing Internet of Things (IoT) data to the cloud. All interconnected and interdependent, delivering the speed, scale, and connectivity expected in our daily digital lives. And all radically expanding an organization’s attack surface for cyber criminals to exploit.
More threat vectors have emerged—from an unwitting supplier to a disgruntled employee. Hackers disrupt business and consumer services with phishing, exfiltration of data, denial of service, malware, and ransomware attacks. Some threat actors are even applying adversarial AI to unleash more efficient strikes. Cyberattacks are increasingly sophisticated—and they are costly. For example, the average cost of a data breach reached an all-time high of $4.24 million in 2021.
Adopting AI-powered automation can help cybersecurity teams drive improved insights, productivity, and economies of scale.
The net result is a stark realization for many executives: modern digital operations are driving value but also creating new vulnerabilities. Cybersecurity professionals must adopt a more preventative, proactive posture for protecting core business operations.
To position their teams for success, they need to bring together disparate data sets and security tools while addressing the skills gaps in their limited cybersecurity resources. Our research suggests that leading organizations are pursuing a forward-looking approach to threat management, adopting AI-powered automation to drive improved insights, productivity, and economies of scale.
To understand how AI is being used to support security operations and to quantify its impact on cybersecurity performance, the IBM Institute for Business Value (IBV) partnered with APQC (American Productivity and Quality Center) to survey 1,000 executives with overall responsibility for their organization’s IT and operational technology (OT) cybersecurity systems. Respondents described their initiatives to use AI technology to support security operations and manage protection, prevention, detection, and response processes.
AI for cybersecurity is gaining traction
Overall, the majority of executives—globally and across industries—are adopting or are considering adoption of AI as a security tool. 64% of respondents have implemented AI for security capabilities and 29% are evaluating implementation.
Only 7% of respondents are not considering the use of AI for cybersecurity.
We refer to the 64% who are currently piloting, implementing, operating, or optimizing security AI solutions as the “AI Adopters.” They report AI applications have delivered significant positive impacts on their security outcomes. These include the ability to triage Tier 1 threats more effectively, detect zero-day attacks and threats, and reduce false positives and noise that require human analyst inspection.
AI advantage: AI Adopters improve performance by using AI for critical capabilities
The AI Adopters are successfully pairing AI systems with human intelligence to extend their visibility across a rapidly expanding digital landscape of apps and endpoints. In fact, 35% rank endpoint discovery and asset management as one of their top AI use cases now, with plans to increase usage to almost 50% in 3 years.
Facing a talent shortage, organizations are also turning to artificial intelligence to boost productivity of their overstretched resources. AI plus automation can help teams better manage the sheer volume and speed of security threats. 34% of AI Adopters say threat detection is one of their top AI use cases today, helping them gain efficiency from real-time detection of abnormalities. They also rank automated detection and response and threat intelligence as important applications, with plans to increase their use of AI for these capabilities in the next 3 years.
AI plus automation offers opportunities
Top-performing AI Adopters illustrate the potential for AI to transform cyber defense operations. Their use of AI has helped reinforce network security by monitoring 95% of network communications and 90% of endpoint devices for malicious activity and vulnerabilities. They estimate that AI is helping them detect threats 30% faster. They are also significantly improving response times to incidents and the time to investigate. And their return on security investment (ROSI) has jumped 40% as well.
Read the report to explore more positive impacts AI-powered cybersecurity solutions are delivering inside the security operations centers of leading Adopters. And review the action guide for steps you can take to drive performance and relieve pressure on overextended security teams using AI for cybersecurity.
Meet the authorsDr. Sridhar Muppidi, IBM Fellow, VP, and CTO, IBM Security
Lisa Fisher, Global Benchmark Research Leader, IT, security, and cloud, and Global Research Leader, Middle East and Africa, IBM Institute for Business Value
Gerald Parham, Global Research Leader, Security and CIO, IBM Institute for Business Value
Download report translations
Originally published 03 June 2022
Getting started with zero trust security
This guide highlights what sets pacesetters apart—and how organizations can create a zero trust security roadmap that leads to greater cyber resilience.
The new era of cloud security
Cybersecurity risks and demands are constantly evolving. Learn how trust networks can strengthen cyber resilience across the ecosystem.
AI ethics in action
Explore the state of AI ethics in organizations today and see how executives can advance trustworthy AI.
Smart procurement made smarter
Intelligent workflows don’t just create smart procurement—they create wiser procurement, from source to pay.
AI and automation for cybersecurity: How leaders succeed by uniting technology and talent - Japanese
Security executives are alleviating some of the strain using artificial intelligence (AI) and automation to expand visibility over an expanding digital estate and boost productivity of their workforce...