AI is the Future of Cybersecurity: Finding a needle in the haystack, in real-time
Every day, security analysts look at an ocean of events gathered from log files. Their job is to identify security threats and determine which events warrant further investigation. A dearth of skilled analysts, combined with an overwhelming array of data from blogs and research papers, makes it difficult to put security events in context. Gone unchecked, any one event could lead to a much larger security incident and spell disaster for an organization, allowing attackers to gain control of its infrastructure, steal sensitive data and damage the brand’s reputation.
For instance, on average a security analyst reviews 10-20 high-risk security incidents in a day. Of these threats only a few may be an actual threat that needs to be escalated for resolution while, the most others are non-malicious. But this job can take hours and the research and identification of threats delays the analysts ability to quickly eliminate the threat.
Now, cybersecurity analysts can delegate the tedious and time-consuming task of threat research to AI technology powered by IBM Watson. IBM has integrated Watson Discovery Service with QRadar Advisor for the purposes of augmenting human intelligence to help analysts sort through large volumes of data at speed and scale that no person can match.