Businesses are increasing the pace of investment in AI systems to defend against the next generation of cyberattacks, a new study from the Capgemini Research Institute has found. Two thirds of organizations acknowledge that they will not be able to respond to critical cybersecurity threats without AI.
The number of end-user devices, networks, and user interfaces is growing as a result of advances in the cloud, IoT, 5G and conversational interface technologies. Consequently, organizations face an urgent need to continually ramp up and improve their cybersecurity.
The “Reinventing Cybersecurity with Artificial Intelligence: the new frontier in digital security” study surveyed 850 senior IT executives from IT information security, cybersecurity and IT operations across 10 countries and seven business sectors, and conducted in-depth interviews with industry experts, cybersecurity startups and academics.
AI-enabled cybersecurity is now an imperative
Over half of executives say their cybersecurity analysts are overwhelmed by the vast array of data points. In addition, the type of cyberattacks that require immediate intervention, or that cannot be remediated quickly enough by cyber analysts, have notably increased, including:
- cyberattacks affecting time-sensitive applications (42% saying they had gone up, by an average of 16%).
- automated, machine-speed attacks that mutate at a pace that cannot be neutralized through traditional response systems.
Facing these new threats, a clear majority of companies believe they will not be able to respond to cyberattacks without the use of AI, while 61% say they need AI to identify critical threats. One in five executives experienced a cybersecurity breach in 2018, 20% of which cost their organization over $50m.
Executives accelerating AI investment in cybersecurity
A clear majority of executives accept that AI is fundamental to the future of cybersecurity.
- 64% said it lowers the cost of detecting breaches and responding to them – by an average of 12%.
- 74% said it enables a faster response time. It reduced time taken to detect threats, remedy breaches and implement patches by 12%.
- 69% also said AI improves the accuracy of detecting breaches. Additionally, 60% said it increases the efficiency of cybersecurity analysts. This reduces the time they spend analyzing false positives and improving productivity.
Accordingly, almost half said that budgets for AI in cybersecurity will increase in FY2020 by nearly a third. In terms of deployment, 73% are testing use cases for AI in cybersecurity. Only one in five organizations used AI pre-2019. However, adoption is poised to skyrocket: almost two out of three organizations plan to deploy AI by 2020 to bolster their defenses.
“AI offers huge opportunities for cybersecurity,” says Oliver Scherer, CISO of Europe’s leading consumer electronics retailer, MediaMarktSaturn Retail Group. “This is because you move from detection, manual reaction and remediation towards an automated remediation. Organizations would like to achieve that in the next three or five years.”
Significant barriers to implementing AI at scale
The number-one challenge for implementing AI for cybersecurity is a lack of understanding of how to scale use cases from proof of concept to full-scale deployment. 69% of those surveyed admitted that they struggled in this area.
Additionally, half of surveyed organizations cited integration challenges with their current infrastructure, data systems, and application landscapes. Although the majority of executives say they know what they want to achieve from AI in cybersecurity, only half have identified the data sets required to operationalize AI algorithms.