Intelligent CIO APAC Issue 34 - Page 84

Meanwhile , IDC finds that cybersecurity has been identified as a top APAC investment – with one of the leading categories being AI and Machine Learning .
However , the study found that only 13 % of Asia / Pacific respondents stated this was an investment priority , hinting that the region is lagging .
Caption : Chris Fisher , Director of Security
Engineering APJ , Vectra
Gaining visibility over an attack surface means understanding threat vectors that sit beyond what you as a company own . Consider unauthorized access . An increasingly common term , this refers to the act of gaining access to a computer system , network or application without express permission or authorization – as the name suggests .
As was reported this month , Commonwealth Bank of Australia ’ s Indonesian unit was recently heavily impacted by an incident involving unauthorized access of a web-based software application used for project management . Similarly , AT & T has recently publicly announced that back in January , an unauthorized person breached a vendor ’ s system and gained access to the company ’ s Customer Proprietary Network Information ( CPNI ).
We can ’ t take this lightly . Gaining visibility and clarity through expert tooling reduces the burden on security teams and greatly improves an organization ’ s ability to understand threats , while also giving the chance to remediate quickly and effectively .
According to MarketsandMarkets , the AI in cybersecurity market size is valued at US $ 22.4 billion in 2023 and is anticipated to be US $ 60.6 billion by 2028 – growing at a CAGR of 21.9 % from 2023 to 2028 .
AI is a powerful tool in driving signal clarity and maximizing the use of our now more visible attack surface . AI enhances signal clarity by allowing us to zero in on the behavioral aspect of attacks and considering all possible infiltration points .
Attackers may be utilizing AI or automation to speed up their attacks , but this doesn ’ t inherently change their behavior . There are still certain actions they need to take to compromise a network and these behavioral markers are what we can pick up on . Security teams are alerted to suspicious behavior , improving efficiency and helping them to sift through the noise of alerts .
We hear from many organizations that they receive far too many false positives from their security tooling and security teams are inundated with information that they don ’ t know what to do with . Leveraging AI is not about replacing a human being , it ’ s about making what we do far more efficient and clarified . We can automate mundane tasks to free up employees , amplify an attack and improve our ability to respond .
When it comes to response , we must know what to do with the attack alerts that come through , otherwise all our clarity is for nothing . First , we determine what the attack is and second what to do about it .
Remediation is a helpful metric because it highlights that our goal is to remove the attacker from the environment but considers that there will be various ways to do this , depending on the systems and environment . There can ’ t be a blanket rule , we must be flexible , but we can create repeatable procedures that have flexibility built in .
Metrics such as meantime to remediation can showcase the value and benefit of AI in terms of real outcomes and returns .
Moving forward we expect to see CISOs and security leaders invest more into tooling that improves efficiencies and supports security teams in sifting through alerts and uncovering threats in a sprawling and broad attack landscape . The solutions are there and they ’ re getting better all the time , it ’ s just understanding what they are and how they can be integrated for maximum benefit . p
84 INTELLIGENTCIO APAC www . intelligentcio . com