One of the most important technology trends in cybersecurity is AI (artificial intelligence). The idea behind AI in cybersecurity is to use AI-enabled software to augment human expertise by rapidly identifying zero day malware, APTs, malwareless attacks, or hacking attempts, reducing the organizations’ incident costs. Because of recent advances in computing power and Cloud-based processing, AI in cybersecurity is now becoming a reality, no longer requiring, on the customer side, large structures of high-end servers with expensive processors to function – something critical just a few years ago.
AI Picks Up Speed
Cybersecurity organizations increasingly rely on AI with more traditional tools such as antivirus protection, data-loss prevention, fraud detection, identity and access management, intrusion detection, risk management, and other core security areas. Because of the nature of AI, which can analyze enormous sets of data and find patterns, AI is uniquely suited to tasks such as:
Detecting actual attacks more effectively and accurately than humans, detecting more of them, creating fewer false-positive results, and prioritizing responses based on real-world risks without manual human interventions.
Analyzing huge amounts of incident-related data rapidly so that security teams can swiftly take action to contain the threat.
Intentionally probing the defenses of software and networks to identify weaknesses before hackers can maliciously take advantage of them.
This intelligence would give cybersecurity organizations a significant edge in preventing future attacks automatically and stopping breaches before they occur. Both will help protect companies’ data and lower business IT costs.
The Economic Impact of Automation and AI on Incident Costs
In fact, according to IBM Security Cost of Data Breach Report 2023, AI and automation have the biggest impact on the speed of breach identification and containment for organizations. Organizations with extensive use of both AI and automation experienced a data breach lifecycle that was 108 days shorter compared to studied organizations that have not deployed these technologies (214 days versus 322 days).
"Time is the new currency in cybersecurity, both for the defenders and the attackers. As the report shows, early detection and fast response can significantly reduce the impact of a breach, Security teams must focus on where adversaries are the most successful and concentrate their efforts on stopping them before they achieve their goals. Investments in threat detection and response approaches that accelerate defenders speed and efficiency – such as AI and automation – are crucial to shifting this balance." IBM Security Cost of Data Breach Report 2023.
According to the same IMB 2023 report, organizations that fully deploy security AI and automation saw 108-day shorter breach lifecycles on average compared to organizations not deploying these technologies – and experienced significantly lower incident costs.
Organizations with extensive use of security AI and automation demonstrated the highest cost savings comparatively, with an average cost of a data breach at $3.60 million, which was USD 1.76 million less and a 39.3% difference compared to no use.
But the economic impact of Cybersecurity doesn’t stop at reduced incident cost; according to a recent Morgan Stanley Research,1 over 20 CISOs and CIOs, on average, security analyst spends 20-40% of their time on automatable tasks: reporting, alert summarization, patch management, and log monitoring and analysis were the four key tasks noted.
They estimated the global cyber workforce is ~4.7M professionals, and the median global salary is ~$80K. This means the median global cyber personnel spend is $374B. Assuming that 30% (interviewed CIOs’ suggestion was 20-40% of automation tasks) of this workflow can be automated presents $112B potential cost savings yearly.
The research analysts expect cybersecurity vendors to capture 10-50% of these cost savings over time. Taking the average (30%), Morgan Stanley estimates the TAM (Total Addressable Market) for AI-assisted cybersecurity solutions is $34 billion.
Managed Security Services Opportunity
However, AI-assisted cybersecurity solutions still require cybersecurity experts to supervise and instrumentalize those technologies. However, according to the IBM 2023 reports, only one-third of studied breaches were detected by organizations’ own security teams. This number shows the lack of cybersecurity-skilled personnel, representing a big new opportunity for managed security services leveraging automation and AI for efficient cybersecurity services.
Cybersecurity is a complex and ever-changing field that makes outsourcing the organization’s cyber security to an MSP, supported by automation and AI, one of the best ways to guarantee business protection and a great opportunity for them.
Automation and AI are the bases for some advanced cybersecurity platforms that shorten the threat lifecycle, reducing the incident and the cybersecurity analysts’ costs. WatchGuard Unified Security Platform approach is a perfect example that correlates and analyzes multi-product events in real time, continuously classifying applications according to their behavior and detecting and responding to abnormal behaviors of legitimate ones instrumentalized by threat actors.
To learn more about automation and AI in cybersecurity, visit WatchGuard Endpoint Security, WatchGuard Network security services, and WatchGuard ThreatSync/XDR as part of the WatchGuard Unified Security Platform architecture, enabling MSPs to provide effective and efficient advanced security services to their customers.