*By Mario Gama
4 million per second. This is the number of password attacks currently occurring, according to the report Digital Forensics Report 2023 from Microsoft. The growth of cyberattacks is directly related to the lack of qualified security professionals on the market. Worldwide, the deficit is 3.5 million, according to the report Cybersecurity Trends from Mckinsey, while Brazil will have a deficit of 530,000 professionals in the field by 2025, most of whom will be cybersecurity specialists, according to a survey by Google for Startups.
In companies, this challenge results in increased vulnerability: less than one in ten (8%) organizations have completed cyber risk assessments monthly, according to ISACA research. However, a powerful tool emerges to face modern threats and ensure asset protection with an agile and proactive approach: Artificial Intelligence (AI).
The Global Survey of McKinsey 2023 on the current state of AI confirms the explosive growth of generative AI tools: Less than a year after the launch of many of these tools, a third of survey respondents say their organizations use generative AI regularly in at least a business area. Amid recent advances, AI has gone from a topic restricted to technology professionals to a focus for business leaders, because almost a quarter of C-suite executives interviewed are personally using AI tools for work, and 40% say that their organizations will increase investment in technology.
Currently, most manufacturers are in a “gold rush” to gain leadership in safety with generative Artificial Intelligence. What differentiates them at this point is their data volume processing capacity. Bigtechs already have an immense metadata base, as well as a strong AI structure, which they can now use in favor of security in order to develop tools that offer a better view of incidents that occur in the collaboration environment, automating processes and supporting strategic decision making.
These new capabilities basically use AI to work on – and simplify – the entire context of attacks that occur, in addition to identifying situations that a person alone could not, and also covering the lack of cybersecurity talent. This will be a key game-changer against hackers, who are already using generative AI tools to perfect their attacks, and companies need to do the same to defend themselves.
Turning the game
For the corporate market, the main point at this time of intense transformation is, firstly, understanding what their needs and challenges are, whether they are lack of resources, understanding processes or high volume of attacks. It's not just activating a solution, but developing a growth model. From there, it is possible to apply AI directly aimed at addressing these bottlenecks.
In the implementation phase, there are some assessments that must be carried out, such as workshops on mapping security material and preparing for the adoption of Artificial Intelligence registration technologies. Thus, it is possible to understand the company's maturity level to define the construction of the security environment with AI, since this structure requires a base of previous solutions. Businesses that cannot navigate this entire universe and connect the dots of technical processes and people and then bring the security solution to Artificial Intelligence will end up failing.
With technology, you can synthesize data from multiple sources into clear, actionable insights and respond to incidents in minutes rather than hours or days, as well as identify threats early and get predictive guidance to thwart an attacker's next move. AI still tackles the current shortage of specialized cybersecurity professionals, helping teams develop their skills with step-by-step instructions to mitigate risks.
However, it is necessary to highlight that AI only works in conjunction with appropriate process tools and, even more so, people. Analysts and professionals responsible for the area of software and incident response continue to be in demand, what companies now gain is an increase in the power to resolve security issues with the team working together with Artificial Intelligence. Human value remains irreplaceable.
More technology, more responsibility, more security
Companies that have already been using these tools are able to reap the benefits of identifying attacks and responding to them more quickly. Many are even beginning to discover situations and signs that they were previously unaware of, as AI can analyze all systems and identify security vulnerabilities, allowing companies to strengthen their defenses before an attack occurs.
The benefits of AI are countless, but the three key points when it comes to security are machine-speed incident response time; search for threats with better correlation and inference; and complete, personalized reports at a prompt from distance. In practice, this means having actions, such as identifying incidents, which were previously manual, being executed and analyzed in a much more agile way, which a human being could not do. To get an idea, just imagine a technology company that has thousands of networks and employees and global distribution. Discovering whether this organization is susceptible to vulnerabilities and examining all assets in the environment for evidence of breach is a highly complex job, but with AI it can be quickly performed.
Regarding security reports, it is possible to condense any event, incident or threat in minutes and prepare the information in a personalized report ready to share with the desired audience, which was previously a challenge for those responsible for security.
Competitive revolution
Brazil is already ahead of some markets, given a higher level of security maturity, a more robust ecosystem and better structured and prepared companies. Thus, in the country the tendency is for AI to be adopted more quickly by companies compared to other countries in Latin America. However, we are still far from what is already reality in parts of the Asian market, such as Singapore, Japan and South Korea, and, of course, the United States and Europe.
In this way, AI has the potential to revolutionize business security, providing operational efficiency, better threat detection and cost reduction. More disruptive companies seeking to gain a competitive advantage will take the lead with technology. This is an investment in innovation that will be a differentiator for business strategy: as the digital era advances, AI in enterprise security will become not just a choice, but a necessity to protect the future of business.
* Mario Gama is Cybersecurity Practice Leader Latin America & Caribbean at SoftwareOne, a leading global provider of end-to-end solutions for software and cloud technology.