One of the most significant developments in cybersecurity recently has been the integration of artificial intelligence (AI) and machine learning (ML) into cybersecurity solutions (and
unfortunately in more creative and difficult-to-spot cyberattacks). As a result, a new kind of
cybersecurity, known as hybrid cybersecurity, has emerged. Hybrid cybersecurity combines human intelligence and intuition with AI and ML models to provide enterprises with more comprehensive and effective cybersecurity at scale.
One of the key advantages of using AI and ML in cybersecurity is the ability to predict potential attacks before they happen. As Monique Shivanandan, CISO at HSBC, a global bank, explains, "Based on behaviors and insights, AI and ML allow us to predict [that] something will happen before it does. It allows us to take the noise away and focus on the real issues that are happening, and correlate data at a pace and at a speed that was unheard of even a few years ago."
The integration of AI, ML and human intelligence as a service is one of the fastest-growing categories in enterprise cybersecurity. Managed detection and response (MDR) is the service category that capitalizes most on enterprises needing hybrid cybersecurity as part of their broader risk management strategies. Gartner, a “a technological research and consulting firm based in Stamford, Connecticut that conducts research on technology and shares this research both through private consulting as well as executive programs and conferences,” predicts that the MDR market will reach $2.2 billion in revenue in 2025, up from $1 billion in 2021, attaining a compound annual growth rate (CAGR) of 20.2%. Additionally, Gartner predicts that by 2025, 50% of organizations will use MDR services that rely on AI and ML for threat monitoring, detection and response functions.
However, it is important to note that AI and ML are not just being used by cybercriminals to launch new kinds of attacks, but also by cybersecurity experts to protect against them. Hybrid cybersecurity is becoming a priority for organizations that don't have enough AI and ML modeling specialists, data scientists and analysts. AJ Abdallat, CEO of Beyond Limits, explains, "We champion a hybrid approach of AI to gain [the] trust of users and executives, as it is very important to have explainable answers."
AI- and ML-based endpoint protection platforms (EPPs), endpoint detection and response (EDR), and extended detection and response (XDR) are proving effective at quickly identifying and defending against new attack patterns. However, they still require time to process and learn about new threats. AI- and ML-based cybersecurity platforms use convolutional neural networks and deep learning to help reduce this latency, but they still need human expertise to ensure that the data used to train the models is accurate and relevant.
As a result, it is essential to stay informed about the latest developments in AI and cybersecurity. This includes staying up-to-date with the latest research and trends, as well as understanding how to properly use and implement AI and ML-based cybersecurity solutions. By becoming more informed about AI in cybersecurity, individuals and organizations can better protect themselves against cyberattacks and stay ahead of the curve in the ever-evolving landscape of cybersecurity.
The integration of artificial intelligence (AI) and machine learning (ML) into cybersecurity solutions has led to a new kind of cybersecurity known as hybrid cybersecurity, which combines human intelligence and intuition with AI and ML models to provide more comprehensive and effective cybersecurity at scale. However, the use of AI and ML in cybersecurity extends beyond just protecting against cyberattacks. The onslaught of endpoint attacks delivers more and more data, which is valuable for DevOps teams to fine-tune existing products and invent new ones. As Nikesh Arora, Palo Alto Networks chairman and CEO, explains, "we collect the most amount of endpoint data in the industry from our XDR. We collect almost 200 megabytes per endpoint, which is, in many cases, 10 to 20 times more than most of the industry participants. Why do you do that? Because we take that raw data and cross-correlate or enhance most of our firewalls; we apply attack surface management with applied automation using XDR."
This focus on innovation and market growth is also reflected in recent studies and predictions. Gartner's latest Information Security and Risk Management forecast from Q4 2022 predicts that enterprise spending on endpoint protection platforms worldwide will grow from a base of $9.4 billion in 2020 to $25.8 billion in 2026, attaining a 14.4% compound annual growth rate (CAGR) over the forecast period. Additionally, Gartner predicts that by the end of 2025, more than 60% of enterprises will have replaced older antivirus products with combined endpoint protection platforms (EPP) and endpoint detection and response (EDR) solutions that supplement prevention with detection and response.
Of the many innovative cybersecurity applications, platforms and solutions that endpoint security has contributed to, five are proving to have the most significant impact. These are cloud-native platforms, unified endpoint management (UEM), remote browser isolation (RBI), self-healing endpoints, and identity threat detection and response (ITDR). Cloud-native platforms, in particular, are advancing enterprise endpoint security by providing more flexibility and scalability. As Rustam Malik and Dave Messett from Gartner write in their latest report on the competitive landscape in endpoint protection platforms, "buyers of endpoint security products are seeking consolidated solutions. Providers are responding by integrating their products and partners around XDR platforms. Capabilities include identity threat detection and response, enhanced threat intelligence, data analytics, and managed service delivery."
Through the solutions hybrid cybersecurity provides, our use of AI and ML in cybersecurity extends beyond just protecting against cyberattacks, as it also provides valuable data for DevOps teams to fine-tune existing products and invent new ones. As a result, it is essential to stay informed about the latest developments in AI and cybersecurity to stay ahead of the curve in the ever-evolving landscape of cybersecurity.