As businesses look to cut costs wherever possible in light of the COVID-19 outbreak, they should look elsewhere than their cybersecurity budgets. That’s because one thing is certain: cybercriminals are not backing off their efforts in response to the virus. On the contrary, their taking advantage of the opportunity presented by the global pandemic.
Yes, this appears to be no time to cut cybersecurity spending. Investment, on the hand, could deliver surprising savings in terms of reduced infections and the ability to do more with fewer resources. How? Through the automation and efficiency that artificial intelligence (AI) and machine learning can offer.
The state of AI & ML in business security today
By way of background, Webroot™ of OpenText Cybersecurity has been collecting IT decision makers' opinions on the utility of AI and machine learning for years now. Results have been...interesting. We've seen a steady rise in adoption not necessarily accompanied by an increase in understanding.
For instance, during a 2017 survey of IT decision makers in the United States and Japan, we discovered that approximately 74 percent of businesses were already using some form of AI or ML to protect their organizations from cyber threats. In 2018, 74 percent planned even further investments.
And by 2019, of 800 IT professional cybersecurity decisionmakers across the globe, a whopping 96 percent reported using AI/ML tools in their cybersecurity programs. But, astonishingly, nearly seven out of ten (68%) of them agreed that, although their tools claim to use AI/ML, they aren’t sure what that means.
So are these tools really essential to securing the cyber resilience of small businesses? Or are they unnecessary luxuries in an age of tightening budgets?
How automation helps companies limit cybersecurity spending
Do AI and ML have something unique to offer businesses—SMBs and MSPs alike—in this age of global pandemic and remote workforces?
We asked the topically relevant question to it to one of the most qualified individuals on the planet to answer it: literal rocket scientist, BrightCloud founder, and SVP/CTO of Webroot and Carbonite, Hal Lonas.
Can AI and machine learning tools help people do their jobs more effectively now that they’re so often remote?
"AI and machine learning tools can absolutely help people do their jobs more effectively now than ever," he said. "Security professionals are always in short supply, and now possibly unavailable or distracted with other pressing concerns. Businesses are facing unprecedented demands on their networks and people, so any automation is welcome and beneficial."
In machine learning, a subset of AI, algorithms self-learn and improve their findings and results without being explicitly programmed to do so. This means a business deploying AI/ML is improving its threat-fighting capabilities without allocating additional resources to the task-- something that should excite cash-strapped businesses navigating tough economic realities.
Our AI/ML report backs up Lonas's assertion that these technologies make a welcome addition to most business security stacks. In fact, 94 percent of respondents in our survey reported believing that AI/ML tools make them feel more comfortable in their role.
"People who use good AI/ML tools should feel more comfortable in their role and job," he asserts. "Automation takes care of the easy problems, giving them time to think strategically and look out for problems that only humans can solve. In fact, well-implemented tools allow security workers to train them to become smarter—in effect providing the ‘learning’ part of machine learning. Each new thing the machine learns makes more capable."
AI/ML adopters also reported:
- An increase in automated tasks (39%)
- An increase in effectiveness at their job/role (38%)
- A decrease in human error (37%).
- Strongly agreeing that the use of AI/ML makes them feel more confident in performing their roles as cybersecurity professionals. (50%)
So despite some confusion about the role these technologies play in cybersecurity (which we think vendors could help demystify for their clients), their effects are clearly felt. And because cybercriminals are willing to adopt AI/ML for advanced attacks, they may force the hands of SMBs and MSPs if they want to keep up in the cybersecurity arms race.
Given today’s limited budgets, dispersed workforces, and increasingly sophisticated attacks, the time may never be better to empower professionals to do more with less by automating defenses and freeing them to think about big-picture cybersecurity.