Embracing the future: How AI is transforming security and networking
Network management and security should go hand in hand. However, making these services work has become more complicated and riskier due to the growth of the public cloud, the use of software applications, and the need to integrate different solutions together.
This complex network security domain requires more skilled cybersecurity professionals. But as this need becomes obvious, so does the glaring skills gap. In the UK, half of all businesses face a fundamental shortfall in cybersecurity skills, and 30 percent grapple with more complex, advanced cybersecurity expertise deficiencies.
So, even with this lingering skills gap, businesses can achieve improved efficiency and productivity, as well as reduce their risk, with artificial intelligence (AI). AI can automate repetitive tasks, analyse large data sets and assist with real-time information to make informed decisions. This helps mitigate the challenges posed by the skills gap.
The over-stretched security team
With cyber threats affecting every part of a business, there is tremendous pressure to stop malware thwart cyber attacks. The financial toll of these events is substantial, with breach-related costs exceeding $4 million per incident and network outages incurring expenses of up to $300,000 per hour. On top of the visible financial costs, the intangible damage to a brand's reputation is immeasurable.
But the challenge faced by security and networking teams today is immense. They have the herculean task of managing and guarding a constantly growing IT ecosystem, which delivers massive volumes of network telemetry data combined with an overload of security alerts generated by multiple security point products. With outdated and often manual process to analyse data and triage alerts, security and networking teams are often overwhelmed. In fact, a Forrester survey revealed that 66 percent of security professionals experience burnout or suffer from extreme stress on a regular basis, while 51 percent suffer from mental health issues. It’s no surprise that individuals are choosing to leave the industry rather than put up with the stress and pressure.
With security and networking teams in a perpetual battle against this relentless onslaught of threats and incidents, a new approach is needed. In this context, the intervention of AI becomes crucial.
The role of AI in efficiency
Given the strain on security teams, implementing an AI solution emerges as a strategic move to simplify managing and monitoring complex networks while reinforcing security. Whilst AI can never fully replace a member of the security team, it can optimise limited resources and allow security professionals to focus more time on critical tasks.
AI is extremely capable of handling repetitive tasks and sifting through vast amounts of data. For example, advanced AI capabilities such as real-time threat identification and adaptive micro-segmentation, can go through large volumes of telemetry data. This means that security teams now have an automated process that can distinguish credible threats and false positives, without pulling a security professional from high-value tasks like threat response and strategy development.
How can AI help evolve cybersecurity roles?
Using AI allows understaffed cybersecurity teams to transition from a stressful, reactive posture to a proactive approach that promptly addresses threats. AI can be incorporated into both security and networking functions. This represents a substantial leap forward in enhancing the efficiency of modern business operations. Here’s some of the benefits security teams using AI:
- Identifying threats faster and more efficiently: AI is able to examine files and code snippets in real-time in order to pinpoint malware, saving security professionals’ precious time and resources. This technique is so efficient that it can counter 90 percent of common file types for zero-day attacks and significantly lighten the burden on sandboxes, reducing their workload by 75 percent.
- Real-time isolation of emerging threats: By using AI to monitor user behaviour, organisations can swiftly identify risks at their inception, effectively limiting any potential impact to a specific area within the network. This ensures a more focused response, reducing the scope and scale of potential harm to the network.
- Provide valuable context to security decision-making: Consider the role of Data Loss Prevention (DLP), where Large Language Models (LLMs) serve as effective tools for identifying sensitive data. Its role is pivotal in preventing data leakage, exposing proprietary company information such as source code and personally identifiable data.
AI doesn’t just ease the burden of security challenges, but also network operations. Thanks to AI’s capability for predictive analysis, it can proactively analyze network behavior and adjust traffic paths -- a feature called predictive traffic steering. Security and networking teams can tactically adapt traffic routes to avoid performance degradation or reachability issues, ensuring seamless application and network Service Level Agreements (SLAs) maintenance.
Evolving from traditional roles to AI-driven expertise
As AI tools increasingly become part of security operations, the roles and responsibilities of professionals in the field are evolving. Professionals no longer need to spend long hours sifting through logs and manually configuring security rules. The next wave of cybersecurity will require an ability to effectively interpret the results generated by AI algorithms and manage intricate systems powered by AI.
Understanding the basics of machine learning is now becoming as vital as mastering network protocols. Moreover, skills such as data science expertise, particularly in handling and analysing large datasets, are becoming indispensable. This shift in skills isn't just for front-line security analysts; it extends to leadership roles like Chief Information Security Officers (CISOs) and even board members. They too must acquire a more sophisticated understanding of this changing landscape to manage risk effectively.
For example, the role of AI in enabling adaptive micro-segmentation. This technology continually evaluates user behaviour and segregates potential threats in real time. Unlike traditional systems that rely on static, rule-based security protocols needing manual updates, these new systems adapt immediately to emerging threats. Knowing how to fine-tune such security policies in real time is becoming a valuable skill.
With the integration of AI, ethical considerations also come to the forefront. Tools based on generative AI have the potential to unintentionally produce misleading data, which could lead to biased actions or decisions. Automated enforcement of security policies could also infringe on individual privacy. Therefore, cybersecurity professionals must be well-versed not only in the technical aspects but also in the ethical dimensions of AI -- individuals will be required to perform ethical impact assessments and establish ethical policy controls.
Finally, a comprehensive understanding of existing regulations like General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA), as well as upcoming frameworks such as the EU AI Act, is crucial. Complying with these regulatory and ethical aspects will not just contribute to creating more secure systems, but also guide organizations through the intricate maze of legal and societal expectations concerning data privacy.
AI is indispensable in navigating today's complex digital landscape, empowering businesses with efficiency, protection, and adaptability in the face of evolving challenges. Incorporating these AI-driven capabilities into the security and networking infrastructure will enhance operational efficiency and fortify defences against evolving threats and disruptions, ensuring a robust and resilient digital environment.
Photo Credit: Photon photo/Shutterstock
Sridhar Iyer is Director, AI/ML at Versa Networks