PUBLISHER: IDC | PRODUCT CODE: 1454301
PUBLISHER: IDC | PRODUCT CODE: 1454301
This IDC Perspective discusses how IDC defines AI in cybersecurity. Combinations of artificial intelligence (AI) and machine learning (ML) have influenced the cybersecurity landscape for the better of 15 years. What computers have always been able to do is make correlations to the bytes, files, hashes, and code that comprise a network. However, for all of the improvements in computing and years of refining algorithms, so much of operating the network and the cybersecurity software that protects the network are still manually intensive processes.After all of this time, recent developments in generative AI and, more specifically, ChatGPT are seemingly addressing the cybersecurity manpower gap. IDC calls it "autonomizing the SOC." The process of realizing a fully autonomous SOC involves several intermediary steps, but the new efficiencies in evidence are:The availability of enriched data at the time of the incident investigationThe ability to generate an instantaneous response based on the type of attack is increasingly automatedThe implementation of analytics to discover unmanaged devices in the networkThe development of natural language processing (NLP) that enables threat hunting and security querying at the speed of speech"In creating security outcomes, the hard work is not about the artificial intelligence but creating and enabling the security data foundations that will allow AI to create measurable benefits to IT professionals. Regardless, the cause for overall optimism is real," says Frank Dickson, group vice president, IDC Security and Trust.