More companies today are investing in AI-based cybersecurity technology to speed up incident detection and response, to better identify and communicate risk to the business, and to gain a better understanding of cybersecurity situational awareness. That’s according to ESG research that found 12% of enterprise organizations have deployed AI-based security analytics extensively while 27% had done so on a limited basis.
In a recent conversation with SearchCIO, SAP CSO Justin Somaini explained how organizations can implement machine learning algorithms and AI in security to improve their cybersecurity posture. Somaini also highlighted how machine learning and AI in security can be used not to just automate tasks, but also remediate and identify issues.
Editor’s note: The following transcript has been edited for clarity and length.
What’s the role of machine learning and AI in security?
Justin Somaini: There’s no silver bullet in security; I think we all know that. But I am a very big believer in how we can apply AI, supervised or unsupervised machine learning algorithms, deep learning — this whole space — to help handle a couple of problems.
The first one is scale. Look at any large scale environments — they have more logs, more alerts than they know what to do with. Can we apply an algorithm to one low hanging fruit that can be automated and immediately responded to? Here’s an issue that we have, the computers themselves can remediate the issue. I think there’s a good component of workload that can be offloaded to that degree, and there are examples of companies that have done that.
Two, a scale of logs to be able to say, listen, we’re identifying the complex attacks that legacy technology has not been able to give to us. The third one that is really exciting: Security historically has been regimented to infrastructure and application logs, but not necessarily the application content. For example, for Concur we have traveler’s safety within the Concur system to help identify at-risk employees while they’re traveling around the globe and making sure they are safe. Can we advance that with machine learning algorithms? Can we do the same thing for employees in an HR system? Can we do the same thing for fraud within a general ledger or financial system? That business applications security conversation, driven by an AI or machine learning algorithms, is very exciting. It is really the true level of where we need to get to for security.