AI can help alleviate current skills gap facing security teams: Vikas Arora, IBM India

Enterprise security has always been a cat and mouse game, with cyber adversaries constantly evolving their attack systems to get past defenses. Can AI based systems help in warding off new age threats and zero day attacks. To get a perspective, we spoke with Vikas Arora, IBM Cloud and Cognitive Software Leader, IBM India/South Asia, who shares his view on how AI can impact enterprise security.

Some edited excerpts:

What are your views on the cyber security landscape in India? Which sectors do you think are the most vulnerable today?
Cybercrime is 21st century organized crime. 80% of cyberattacks are driven by highly organized crime rings in which data, tools and expertise is widely shared. It is estimated the cybercrime will cost the global economy more than $2 trillion by 2021 and represents what could be the greatest threat to every company in the world.

As per a 2018 IBM Ponemon study, the average mean time to identify data breach in India increased from 170 days from previous year to 188 days. ‘Malicious or criminal attacks’took 219 days on an average to be identified. The report further highlighted that the average mean time to contain data breach in India, increased from 72 days from previous year to 78 days. Average time to contain ‘Malicious or criminal attacks’took 99 days. Today, the implications of a breach span the C-Suite, impacting financials, brand, client loyalty, employee privacy, legal/regulatory issues, etc.

Security is now part of active board level issue and discussion. CISOs roles are increasingly becoming more complex and the need for them to work closely with C-Suite team and board is on rise. CISOs need to think in new ways about the problem and equip the organization with necessary security tools which can predict, control and respond to threats real-time.

From Security Intelligence to Application Security, we see the relevance of Security across verticals. Owing to the nature of their business, we are seeing increased adoption across Financial Services, Telecom, Information & Communications Technology, Retail, and Professional Services, who are looking at infusing AI in their core security solutions.

Your perspective on the usage of AI in security?
Cybersecurity is among the most important and pressing challenges of our times. The inadequacy of perimeter-based security controls in protecting enterprises is demonstrated in the increased scale, scope, and frequency of cyber-attacks confronting enterprises today. This problem is further exacerbated by the proliferation and adoption of technologies involving cloud, mobile, and social platforms (often offered as third-party services), which further erode the visibility and control that enterprises have on their security posture.

At IBM we strongly believe that safety, security, and trust in AI systems are critical for driving widespread use of this technology for real business applications. AI is the necessary evolution of the cybersecurity industry to keep up with increasingly sophisticated threats and demands on security analysts.

Machines and AI excel at different types of tasks that humans are not well suited for; AI will not replace human reasoning and decision making, however it can augment the skills of human security analysts allowing them to do their jobs faster, more accurately and more efficiently.

IBM advocates for several approaches to help deal with these challenges, including:

o Collaborate: As hackers are collaborating on the dark web, the good guys (security professionals spanning both private and public sector) must also improve our methods for collaborating and sharing information on threats (and how to stop them) before they become widely spread.

o Utilize Cognitive Security Tools: “Cognitive”security tools which incorporate next-gen, intelligent technologies can help resource strapped security workers stay ahead of threats. For example, Watson for Security has been trained on the language of security. Watson has “read” 2 million cybersecurity documents and can help security analysts parse thousands of natural (human) language research reports that have never before been accessible to modern security tools.

o Focus on Response: A slow response to security events has a huge impact on the cost and severity of breaches. The industry should begin to place additional focus on “incident response”–having the right team and plans in place to act quickly after being hit by an attack.

Further, we believe, AI can help alleviate some of the effects of the current skills gap facing security teams by making junior analysts more effective. Developing both AI and cybersecurity skillsets will be an important for the next generation security workforce. IBM’s Institute for Business value recently conducted a survey which found that adoption of cognitive security solutions is currently at 7% but is expected to grow three-fold (to 21%) within the next 2-3 years.

Can you give us some examples which showcase how AI will be useful in the ever-changing cyber security space?
As cyberattacks grow in volume and complexity, artificial intelligence (AI) is helping under-resourced security operations analysts stay ahead of threats. Curating threat intelligence from millions of research papers, blogs and news stories, AI provides instant insights to help organizations fight through the noise of thousands of daily alerts, drastically reducing response times.

Cognitive security tools like Watson are the logical and necessary evolution of the cybersecurity industry to truly take advantage of the massive amount of intelligence that exists and use it to gain an edge in the increasingly challenging battle against cybercrime. Watson is not just designed to simply provide analysts with more intelligence –instead, Watson will guide them to take the correct next steps and actions based on the system’s collective (and contextual) learned body of knowledge. This is all about augmenting the security analyst’s intelligence, enabling them to act with speed, scale and accuracy when researching and responding to threats.

For example, Bombay Stock Exchange (India), the oldest stock exchange in Asia and now the fastest exchange in world, has selected IBM Security to design, build and manage a cyber Security Operations Center to safeguard the company’s assets and protect stakeholder data. Under the five-year managed security services agreement, the center enables around-the-clock security event monitoring, event handling, security analysis, incident management and response along with synchronized management of devices, networks and applications.

What’s your view on IBM’s opportunity in India, specifically in the cyber security sector?
We are leading the journey towards AI and Intelligent Automation in Cybersecurity. We foresee both being a key priority for CISOs in 2019. Enterprises are looking at driving service agility and resilience in their digital business along with data driven security intelligence which can help them be prepared for any unforeseen threats. We are gaining momentum as the world’s fastest growing enterprise security business due to our differentiation in helping clients apply security intelligence across their infrastructure, applications, cloud, mobile devices, etc.

Can you give some examples or statistics that showcase that IBM is on a strong growth trajectory in India in cyber security space in India?
IBM Security is the fastest growing vendor in the global security software market based on Gartner’s most recent security market analysis. Gartner also calls IBM the 3rd largest security software vendor in the world. In India, we grew our Security business – both Software and Services in strong double digits in 2018 with clients spanning across BFSI, Manufacturing, Healthcare to name a few.

We have simplified our portfolio to help clients in three strategic areas, “Strategy & Risk”, “Threat Management” and “Digital Trust”. Further, we are focused on top security needs we hear from our customers around advanced threats, cloud security, Mobile and IoT, Compliance Mandates and addressing the skills shortage in the security space. We are already the largest Security provider to the Enterprises in India, and we aim to strengthen this position as we drive our Security strategy in 2019.