Whenever a new technology emerges, it’s likely to follow a predictable path in terms of public opinion. It starts with initial interest, moves to intrigue, then on to (sometimes wildly) unreasonable expectations before the technology itself has had much chance to prove itself. Along the way, plenty of misinformation and confusion tends to arise as well.
While no longer truly “new”, the concepts of artificial intelligence (AI) and machine learning (ML), have been no exception to this pattern. In fact, according to a recent survey conducted by our partner company Webroot™, even though 96% of global IT decision-makers have adopted AI/ML-based cybersecurity tools, approximately 7 in 10 said they’re not sure what that means.
“The hype around artificial intelligence has led to many myths. Enterprise architecture and technology innovation leaders implementing AI projects must separate reality from the myths to devise future strategies, or enhance existing ones, that will deliver business value outcomes.”– Gartner “Debunking Myths and Misconceptions About Artificial Intelligence,” Saniye Alaybeyi, et al. 18 January 2019
Those numbers mean almost every one of the 800 IT decision-makers in the U.S., U.K., Japan, and Australia/New Zealand surveyed are using AI/ML-based technology to protect their businesses from cyberattacks, but about 70% of them don’t really know what it does. So the question is: can you reap the benefits of a technology you don’t really understand?
The answer is both yes and no. Ultimately, these tools can help businesses of all sizes become more resilient against cyberattacks, and they bring a strong increase in automation and operational efficiencies. But it’s pretty critical to understand them so you can achieve maximum benefit.
Here’s a quick breakdown of the numbers from the study, which clearly indicate sustained confusion, despite rising adoption. These numbers are based on responses from all 4 of the regions surveyed.
- 96% currently use cybersecurity products with AI/ML.
- 70% plan to use even more AI/ML-based cybersecurity tools in 2020.
- Yet 68% say that, although their tools claim to use AI/ML, they aren’t sure what that means.
- 91% say they understand/research security tools, and specifically look for ones that use AI/ML.
- But 70% believe cybersecurity vendors are intentionally deceptive about their AI/ML-based services.
- 84% think their business has all it needs to successfully stop AI/ML-based cyberattacks.
- But 86% believe they could be doing more.
Addressing the confusion
According to Hal Lonas, SVP and CTO for SMB and Consumer at our parent company, OpenText™, “We can't expect to stop sophisticated attacks if more than half of IT decision makers don't understand AI/ML-based cybersecurity tools. We need to do better. That means more training and more emphasis not only on our tools and their capabilities, but also on our teams’ ability to use them to their best advantage.”
To address gaps in both security and understanding, Webroot™ recommends an ongoing campaign of:
- Continuing cybersecurity education for IT professionals, especially centering around AI/ML technologies and their use in today's threat landscape
- Working to increase awareness of non-IT decision makers within organizations regarding which tools are necessary to protect businesses from increasingly relentless cyberattacks
- Standardizing the terminology and application of the technologies across the IT industry
Additionally, it’s important to recognize the benefits these technologies bring that extend well beyond cybersecurity. For example, nearly half of survey respondents reported an increase in worker productivity. 39% saw increases in automated tasks, and the same number felt they had more time for training, learning new skills, and other business critical tasks since implementing AI/ML-based tools. 38% felt more effective in their jobs as security professionals, while nearly the same number reported a marked decrease in human error.
Real numbers around productivity, automation, time savings, and efficacy are pretty compelling at the best of times, let alone when we’re dealing with sudden and drastic shifts to the ways we conduct business. That’s why I can’t stress the importance of these technologies enough—not only in your security strategy, but across your entire toolset.
What to do next
As businesses become more knowledgeable about what works best for them and their workforce and customers, investment in these technologies will start to pay off. Organizations will become more resilient—not only in the face of evolving cyberattacks, but also changing business needs.
It’s critical that IT decision-makers educate themselves about the best ways to implement these tools, and also look to vendors who have the historical knowledge and expertise in the space to guide them.
Read the full Webroot AI/ML report to get the details on how global organizations are using AI and ML, their plans for future spending, use cases, and more.
And if you, like so many of the survey respondents, aren’t sure what AI/ML do in cybersecurity, you’re not alone. To help you gain a better understanding of the technology, myth vs. reality, and how the technology will evolve, download your copy of the white paper, Demystifying AI in Cybersecurity.