Mike Hooper, Director of Digital Transformation (APAC) at OpenText
A day in the life of the intelligent and connected enterprise is complex. Amazing change is happening: for the good, the bad and the strange.
Right now, more than 4 billion people are connected to the Internet[1]. Information is now the most valuable commodity on earth (surpassing even oil). Digitalization has changed business models, changed the nature of conflict, even birthed new currencies. At the same time, damage from cybercrime is expected to hit $6 trillion annually by 2021[2]. Billions of new connected users and devices are a massive opportunity, and a massive risk.
Security, privacy and compliance are critical as information proliferates. Information is at the heart of business and at the heart of attacks. As attacks become more sophisticated, organizations need to up-level defenses and overall security posture. It’s a heavy lift for organizations facing increased risks from data sprawl, shadow IT, BYOD, weaponized artificial intelligence (AI) and more.
Fortunately, cybersecurity awareness is on the rise. From the customer, to the C-suite, to the boardroom, business stakeholders want to know more about security. Unfortunately, this new awareness is largely due to the almost daily global headlines announcing the latest breach. As organizations deal with a chainging threat landscape, they are also doing so while short-staffed. Cybersecurity Ventures points out a predicted global shortfall of 3.5 million cybersecurity jobs by 2021. As most enterprises barrel toward digital transformation, it’s never been more critical to protect the data at the core of business. Whether it’s through increased investment in education and training, or the use of AI to ease the load off skilled security analysts, the massive talent shortage needs to be addressed and addressed now.
The new AI – Augmented Intelligence
Conversations around AI often revolve around fear. Fear that machines may make humans, or at least many of our jobs, redundant. But rather than replacing human decision makers, AI has the potential to aid organizations in the fight against cyber threats. It’s not human v. machine, but human + machine. In other words, think Iron Man, not Terminator. The massive volume of cyberthreats and the complexity of the threat landscape create very intensive processes and workloads. Enterprises need to make security decisions that are smarter, faster and at global scale. AI is the enabling tech allowing for the automoation of labor-intensive processes and workflows. The result, increased productivity for security teams.
According to ESG research, 12% of enterprise organizations have already deployed AI-based security analytics extensively, and 27% have deployed AI-based security analytics on a limited basis. These implementation trends will only gain momentum throughout the year.
With AI, security teams will be able to automate repetitive tasks and reduce some network security workload, from monitoring suspicious activity to alerting teams of any anomalies in real-time. Augmented with this technology, human security teams can reduce detection time, gain greater visibility into networks, and focus on higher-order threats. Technology can act as a force multiplier, reducing some of the strain of trying to increase security headcount while facing the persistent skills gap.
Investing in Talent – A Necessity
Governments have become increasingly proactive in ensuring that the current and future workforce can right-skill themselves to address these challenges. For example, the Singapore government last year announced that they are developing an academy dedicated to training cybersecurity professionals, to hone their capabilities to work on the front line and protect Singapore and its critical information infrastructure[3].
At an organizational level, Chief Information Security Officers (CISOs) or Chief Security Officers (CSOs) must be empowered to invest in recruiting talent and developing their teams through participation in initiatives such as SkillsFuture in Singapore. In addition, by investing in their workforce, their teams will be able to work alongside new technologies to drive optimum outcomes.
For the intelligent and connected enterprise, it’s not a matter of if, but when a breach will occur. Organizations must leverage the right tools and skills to discover and recover quickly to reduce impact on the business when a breach does occur. The combined force of human intelligence and AI will dramatically improve an organization’s chance to stop cyberattacks as they happen, or minimize the damage if an attack is succseful. Technology has always made industry more efficient. From manufacturing, to retail, to medicine, technological innovation has created growth. With growth comes risk, but AI is helping cybersecurity professionals protect the information powering the 21st-century economy.
[1] https://wearesocial.com/blog/2018/01/global-digital-report-2018
[2] https://www.csoonline.com/article/3153707/security/top-5-cybersecurity-facts-figures-and-statistics.html
[3] Straits Times, “Singapore to have new academy to train cybersecurity professionals”, https://www.channelnewsasia.com/news/business/singapore-to-have-new-academy-to-train-cybersecurity-9229314, 19 September 2017