FutureCISO

Use AI to enhance SecOps efficiency

by allantan
April 1, 2024

In the article 5 priorities for digital leaders in 2024, Kimmy Bettinger, who leads the emerging tech & tech policy initiatives at the World Economic Forum (WEF), writes that in 2024 businesses are focused on cutting costs and streamlining operations.

“They're shifting from testing the waters with artificial intelligence (AI) to widespread implementation to help them achieve these goals, potentially bringing big changes in how companies are structured and how they interact with customers,” she continued.

But even as technology, risk and security leaders see the inevitable embedding of AI into processes and workflows, they also recognise the risks that come with the technology across many areas, not the least of which is security.

“Security operations” means different things to different people. For some, it is about security monitoring; for others, it goes beyond detection of threats to remediation and vulnerability management. The WEF Global Cybersecurity Outlook 2024 reveals that few organisations are robust enough to confidently call themselves cyber-resilient.

In recent years, the accelerated digitalisation of businesses and operations has raised the importance of security. At the same time, there is greater scrutiny being placed on where investments are going, and accountability for the dollars spent.

One of the outcomes is a renewed interest in efficiency.

Challenges around SecOps efficiency

LogRhythm’s head of solutions engineering for APJ, Leonardo Hutabarat, points out that the security landscape is increasing in complexity. “Organisations are adding interconnected applications and services to their technology stacks, resulting in an expanded threat surface area, making threat monitoring and prevention more challenging than ever,” he continued.

For Adnovum managing director David Chan, the roadblocks to the smooth operation of SecOps include the challenge of retaining top talent, the volume of meaningless alerts that analysts struggle to sift through, fragmented data across disparate tools that creates blind spots in security visibility, and repetitive manual tasks that drain valuable resources and leave room for human error.

Improving SecOps efficiency with AI

“One major challenge to SecOps efficiency is the ability to effectively deal with the load of incoming issues taking into account the combination of scarce security talent together with the increase in volume of threats (due to automation among others) and sophistication of attacks (also due to AI),” said Gilad Elyashar, chief product officer for Aqua Security.

He posits that AI can help address the above top-level issues. “I believe in some cases AI would help manual or simple part (writing fix, understanding context, creating relevant policies) thus empowering the security professional to do much more and help scale with the increasing number of threats,” he continued.

Chan believes that machine learning (ML) offers a transformative opportunity to revolutionise SecOps. Aside from being able to identify subtle anomalies and patterns that might be missed by humans, ML can prioritise threats based on severity and context, enabling analysts to optimise their response efforts and minimise damage.

Important considerations

Elyashar suggested that organisations should ensure they leverage the new platform’s strengths while acknowledging its current limitations. They should also experiment and extend usage where effective.

For Hutabarat, businesses need to consider the purpose of the AI, the type of data modelling to use, and the type of data injected into the AI tools. “Taking these factors into consideration can help businesses make informed decisions that align with their security objectives, and leverage AI fully to safeguard their data and systems,” he opined.

Chan recommends that organisations meticulously consider three crucial aspects, starting with ensuring that AI is aligned with the overarching security strategy and that chosen solutions complement and enhance their existing security posture.

“They need to invest in data quality and accessibility. This ensures their training data is well-structured, complete, and unbiased for optimal AI performance and reliable decision-making,” he added. “Finally, they should only integrate AI tools from reputable vendors with a proven track record of robust security practices and ongoing maintenance.”

Safely integrating AI into SecOps

“It starts with setting clear objectives, identifying where and when AI can be integrated into SecOps to achieve those objectives,” suggested Hutabarat. “Organisations should also ensure that there are strict security and privacy standards in place when deploying and using AI systems in SecOps including the use of large language models.”

Chan suggests piloting AI for targeted tasks before wider implementation, allowing organisations to learn and adapt, minimising risk and ensuring successful integration.

“Organisations should prioritise transparent AI models that provide clear explanations for their decisions,” he continued. “This ensures human oversight and control remain central to the process. Finally, we believe in continuous learning and improvement.”

In conclusion

Elyashar says the world of AI attack vectors and AI security is still pretty nascent, but security vendors from the AppSec and cloud security segments are trying to address that threat vector, as well as the publication of the OWASP top 10 attack vectors for LLM-AI apps.

“We believe that securing an AI app, like any app, requires protecting the AI-related aspects of the app across the application lifecycle from code, posture and runtime,” he concluded.

While predicting that AI will be a game-changer for SecOps and the key to improving its efficiency and effectiveness, Hutabarat cautions that, to capture the full value of AI for SecOps, security teams will need to be trained to use these AI solutions effectively.

“They will also need a strong understanding of the different AI models, their capabilities and limitations, as well as the ability to critically validate outputs from AI, and identify potential errors or biases,” he added.

Chan warns that AI comes with its complexities. It also represents a significant shift for SecOps. “By leveraging AI's capabilities for automation, intelligent threat detection, and data-driven decision-making, alongside SOC insights for holistic visibility, we can elevate SecOps efficiency and effectiveness to unprecedented levels,” he continued.

“This empowers security teams to focus on strategic initiatives and proactively safeguard the organisation from the ever-evolving threat landscape. By combining AI and SOC insights, we are not just addressing current SecOps hurdles – we are transforming SecOps for a more secure and efficient future,” concluded Chan.


allantan

Allan is Group Editor-in-Chief for CXOCIETY writing for FutureIoT, FutureCIO and FutureCFO. He supports content marketing engagements for CXOCIETY clients, as well as moderates senior-level discussions and speaks at events.

Previous Roles

He served as Group Editor-in-Chief for Questex Asia concurrent to the Regional Content and Strategy Director role. He was the Director of Technology Practice at Hill+Knowlton in Hong Kong and Director of Client Services at EBA Communications. He also served as Marketing Director for Asia at Hitachi Data Systems and served as Country Sales Manager for HDS’ Philippines. Other sales roles include Encore Computer and First International Computer. He was a Senior Industry Analyst at Dataquest (Gartner Group) covering IT Professional Services for Asia-Pacific. He moved to Hong Kong as a Network Specialist and later MIS Manager at Imagineering/Tech Pacific. He holds a Bachelor of Science in Electronics and Communications Engineering degree and is a certified PICK programmer.
