From automation to collaboration: AI in cybersecurity accelerates the future of security operations

 

As artificial intelligence continues to mature and cyber threats evolve in both sophistication and scale, AI in cybersecurity is emerging as a game-changing technology that is reshaping how organizations defend their digital environments.

Beyond traditional defense mechanisms, AI is driving efficiency by automating complex workflows, reducing human labor and enhancing the speed of threat detection and response. As businesses increasingly rely on distributed computing, AI’s ability to scale security operations is becoming critical to ensuring resilient and proactive defense strategies. With the rise of attack vectors and the demand for more robust security postures, AI is fast becoming the cornerstone of modern cybersecurity infrastructure.

“To kind of simplify the problem, you have a data problem, you have a knowledge problem and then you have kind of a people action problem to solve in security operations,” said Peter Bailey (pictured, left), vice president and general manager of SecOps, Google Cloud Security, at Google LLC. “You kind of need all three of those pieces nailed to build a modern security operation.”

Bailey was joined by Steph Hay (right), head of UX, Google Cloud Security, at Google, as they spoke with theCUBE Research’s John Furrier and Savannah Peterson at mWISE 2024, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed how AI in cybersecurity is revolutionizing traditional security operations by automating processes, improving efficiency and enabling faster, more precise threat detection. (* Disclosure below.)

The role of AI in improving security operations

AI is augmenting traditional security operations by simplifying processes that have long been manual and labor-intensive. For example, the ability to automate the onboarding of data sources, streamline search queries and even assist in the creation of detection rules is dramatically improving efficiency, according to Bailey.

“We can start creating workflows, work streams that begin to automate steps along the way, which is today a very complicated set of work streams,” he said. “We will always look to simplify those experiences through the UI. Those are steps in the old day days that maybe took hours in days, maybe in today they can be right at your fingertips and go very, very quickly so you can respond faster.”

The more collaboration and expertise a team can draw upon, the better equipped they are to defend against cyberattacks. AI enhances this by serving as a force multiplier — bringing together threat analysts, security operations teams and AI-driven tools into a cohesive defense system, according to Hay.

“This is a team sport, and I think that convergence, too, of the different roles, making sure that you’re bringing in the expertise of a threat analyst and a tier-two SOC analyst and maybe a cloud security practitioner … to be able to bring those together into a common experience is going to transform the SOC,” she said.

Looking forward: The future of AI in cybersecurity

In particular, the integration of AI into platforms such as Google’s Security Operations suite allows users to tap into expert knowledge in real time. The ability to bring in external expertise — whether from Google’s teams or other industry leaders — adds an invaluable layer of defense, particularly in complex or novel threat scenarios, according to Bailey.

“Using the security operations example, again, take those insights and share those out in your organization, to create more credible bases for taking action for prioritizing something,” he said. “I think there is the ability to influence because you have better data, better insights to share across an organization. I think it helps in both of those ways.”

While AI offers vast potential, the journey is still in its early stages. The ultimate goal is to move from assisted to semi-autonomous security operations. In the future, AI agents could be deployed to proactively hunt for threats, analyze attack patterns and provide recommendations based on real-time data.

“It’s understandable because there’s so much new risk. There are AI-native risks, prompt injection is a real thing. Your company might make a promise to a customer that you can’t keep because it deployed AI. All of these things are totally legitimate concerns,” Hay said. “There’s a lot of hype around what AI is doing … and it’s because we need to deploy it responsibly. We’ve got a lot of work to do there still.”

 

Source - https://siliconangle.com/2024/09/18/ai-in-cybersecurity-mwise2024/

Cybersecurity Company

Trending News

Whatsapp IconWhatsapp IconTelegram IconSkype Iconmail Icon
halloween
Osiz Technologies Software Development Company USA
Osiz Technologies Software Development Company USA