AI isn’t the answer to everything but it can prevent staff burnout when it comes to cybersecurity, writes Mike Fry.
When AI isn’t being cited as the answer to all of today’s problems, it’s being accused of taking jobs away from people. It’s a paradox – flitting between opportunity and challenge, positive and negative, a necessity and a blight.
The reality is that organisations shouldn’t deploy AI for AI sake or just because it’s what everyone’s talking about. Furthermore, the use of AI in the world of business is far more nuanced and it certainly shouldn’t be implemented to replace people.
“Threat hunting is a useful skill and it’s one that AI can assist with”
When it comes to workers, AI should be about empowering them to work better and quicker. Organisations should therefore be focusing on how it can boost productivity and accuracy, while reducing stress and burnout.
With burnout more prominent and prevalent than ever, companies are more at risk. That’s not to mention the ongoing talent shortage which is leaving companies under resourced and under skilled. This issue is exacerbated by increasingly complex IT landscapes, including multiple security solutions or providers.
In fact, the attack surface has become unwieldly and unmanageable with users everywhere, devices everywhere, data everywhere. It’s overwhelming and, most likely, underappreciated – especially given that threat actors are now more effective through their own use of AI.
Reducing complexity
A lot of companies want to simplify processes, optimise operations and reduce complexity with fewer tools and vendors – especially when it comes to cybersecurity.
This is where platformisation comes into play and why it’s rising in popularity. It basically centralises solutions, enabling security analysts to view and manage everything in one place, thus enhancing efficiency and efficacy.
Data fatigue is another piece of the complexity puzzle when tackling risk. Again, with so many tools and so many access points, IT teams will often be bombarded with relentless attacks and countless alerts. This requires careful assessment and priortisation. However, it’s vital that such events are assessed in terms of both criticality and applicability, otherwise the wrong incidents could end up being very time-consuming.
Using AI to automate these processes can significantly help to accelerate detection, facilitate assessment and improve response to threats or incidents. That includes monitoring and safeguarding other AI models which, like all technologies, can be hacked and can’t be overlooked.
Identifying application
For many organisations, they know they want to deploy AI, but they don’t know exactly what for or how to do it. It’s important that companies are not simply jumping on the AI bandwagon. Instead, they need to understand their AI maturity and identify areas where it will actually empower people and drive success for the business – which will be different for each organisation. Identifying use cases will often involve reviewing processes and getting input from team members.
Alongside this, companies also need to effectively manage their data to underpin AI usage. After all, when it comes to AI, it’s all about the data. It’s how we structure it, tag it, govern it, and secure it. Poor quality data or a poor data strategy will inevitably jeopardise AI deployment.
And remember, the aim is not to further add to the burden, stress or workload of your IT team with models relying on inadequate or unclean data. The aim is to adopt an approach which enables your IT team to better manage and secure the entire IT environment.
Combining efforts
Threat hunting is a useful skill and it’s one that AI can assist with in terms of creating syntax code within a short timeframe. Something like this could also allow organisations to allocate more junior members of staff to this area, enabling them to upskill, easing workloads and freeing up more senior personnel to focus on strategic activities.
In saying this, the human element remains vital. Even with the assistance of advanced AI models, it is imperative that people perform checks to ensure the right data has been input, no errors have been made, and the right activities are being prioritised by such technologies.
As well as combining technological and human efforts, it’s also crucial for the responsibility of IT to be shared by the entire team – from entry level employees to C-suite leaders, and across all departments (not just IT). This requires communication regarding best cybersecurity practices, the creation of a cyber-aware culture and recognition when incidents are successfully handled.
Cybersecurity has to be viewed not only as an IT but as a business problem too. Similarly, AI must be seen as both an IT and business enabler. However, the value of it will only be realised if organisations implement it where it makes sense and with their people in mind. By combining technology and humans, companies can reduce complexity and burnout, while boosting their cybersecurity and future success.
Top image: Photo by Daily Choice on Unsplash
-
Bank of Ireland is welcoming new customers every day – funding investments, working capital and expansions across multiple sectors. To learn more, click here
-
For support in challenging times, click here
-
Listen to the ThinkBusiness Podcast for business insights and inspiration. All episodes are here. You can also listen to the Podcast on:
-
Spotify
-
SoundCloud
-
Apple
