A SHORTAGE OF IT SECURITY STAFF, A MOUNTAIN OF UNSTRUCTURED DATA AND A GROWING NUMBER OF END-USER DEVICES CREATE A PERFECT RECIPE FOR A GRAND SECURITY THREAT
According to IDC and EMC, the world’s data is projected to explode to 40 zettabytes (a.k.a. 40 billion terabytes) by 2020. That represents an exponential growth of 50 times in just 10 years!
What’s worse, 70%-80% of all data in organizations is unstructured data -- data not organized in ways that today’s machines can read easily -- think natural language like emails or presentations rather than structured data like tables in a database.
The never-ending open faucet of data pours in from threat intelligence, network, advance fraud, identity access management, data applications, mobile and endpoint tools and research documents.
The problem: security teams have to stay on top of this data to prevent new security breaches.
SECURITY TOOLS ARE NOT THE ANSWER
“On average, you have 85 security tools from 45 vendors that you’re trying to use,” says Willie Wong, Canadian Marketing Leader for Security at IBM. To stay protected, we need to keep on top of constant change and an onslaught of information.
Organizations must wake up to the fact that technology is only one aspect of the solution to security issues. Wong continues, “A lot of organizations focus only on the technology.” More technology doesn’t mean lesser problems. In reality, more tools deepen the knowledge gap of your IT pros. And, that gap is widening.
By 2020, the IT industry will have 1.5 million open security positions and not enough graduates to fill essential jobs. Organizations are fighting for the best candidates, but the reality is that amidst overwhelming data growth, they won’t be able to recruit fast enough.
EVEN THE LARGEST ORGANIZATIONS CAN’T AFFORD TO HIRE 1000 SECURITY PEOPLE
According to IBM, most security teams only have the power to decipher 8% of incoming unstructured data to protect their environments. Trying to keep up with this constantly growing data forces a more perimeter-focused reactive approach. But what if there was a fine-tuned Artificial Intelligence (AI) system that could analyze all that data for you? Expert systems like this not only seek out and collect the data, they are also designed to develop human-like capabilities for learning. This kind of system could give even the smallest teams the ability to process huge amounts of information about what’s happening both inside and outside their perimeters.
ARTIFICIAL INTELLIGENCE HOLDS THE CAPABILITY TO TURN A TEAM OF FIVE INTO 5000
IBM is doing just that with the latest iteration of their Watson platform that leverages cognitive technology and according to IBM, “can think like a human”.
“We’re going to integrate Watson’s AI with QRadar [a security information and event management solution] and the IBM security suite, so it’s all-in-one,” reveals Wong. Once Watson’s AI has algorithms from all of the security tools, it will analyze unstructured data, crunch the numbers, pull out the evidence and assess and rank the biggest risks. This includes capabilities to identify internal user threats quickly, based on unusual user behavior patterns.
This is not a replacement for a team of security experts, it’s a turbo boost for their information analysis power. Expert systems like Watson provide information to human analysts, who review the information and take action. This prevents Watson’s AI from making decisions on behalf of the analyst, like shutting down business critical systems without asking. It also frees up your experts to do the important work and leaves the more tedious work to the AI.
EVEN AI SOLUTIONS AS WELL KNOWN AS WATSON STILL HAVE A LOT TO LEARN
Watson isn’t quite ready yet, “We had to send Watson back to school,” Wong replies. “And, there are eleven universities involved globally to teach Watson the language of security. Coming out of that, we will probably start doing prototyping. We have ten organizations globally already signed up for beta testing. We can’t talk about them, but two of them are financial institutions. They want this quickly.”
In the meantime, Wong advises immediately educating all employees to accurately identify what they should and absolutely should not access while on your network. Until systems like Watson are ready, a plan that makes employees aware of these risks and reduces internal risks is essential for tightening security on the inside.