IDC: Two Thirds of Organizations Lack Confidence in Vulnerability Identification

International Data Corporation (IDC), the market intelligence firm, just released a new InfoBrief that reveals a startling insight into the state of cybersecurity: almost two-thirds of organizations do not have high confidence in identifying their greatest vulnerabilities. Wow. Considering the scale of risk in this day and age, that’s not a reassuring number. It feels honest, however. Despite the best efforts of a lot of smart people, and a great deal of investment in cybersecurity, security managers remain unclear on just how well they’re protecting their most important digital assets.

The report, Studying the Effects of a Virtuous Cycle in Cybersecurity, sponsored by Darktrace, also found that 81% of organizations felt that artificial intelligence (AI) insights would help them to automate their security postures. These two findings go together. Security managers lack confidence in identifying vulnerabilities because there are simply too many threats in too many places for human beings to track effectively.

Today’s geopolitical and macroeconomic environment is part of the problem, according to Amber Rudd, former UK Home Secretary. She said, “Cyber security risks are one of the most pressing but least well understood risks organizations face today. As the geopolitical landscape becomes more fractious and the world continues on a path of rapid digital transformation, businesses are facing a greater, more complex set of cyber security challenges than ever before – and these are constantly evolving.”

As Chris Kissel, Research Director at IDC, put it, “As organizations contend with an increasingly complex set of cyber security challenges, a reactive approach does not go far enough. CISOs are starting to look at cyber security just like any other operational risk and are turning to a more proactive approach that pre-empts cyber-attacks before they happen, rather than waiting to be breached. It is clear that organizations must adopt a preventative approach and will be increasingly reliant on AI to do so.”

For Nicole Eagan, Chief Strategy Officer at Darktrace, the underlying problem has to do with risk prioritization. “Most companies have siloed IT,” she said. “With systems operating in separate spheres, or in ‘shadow IT’ environments that few know about, it’s extremely difficult to know which risks carry the most disruptive potential.”

The challenge is to identify the most serious areas of vulnerability and establish a practical priority for risk mitigation. Amber Rudd spoke to this need, saying, “Being proactive requires organizations to understand what their weaknesses are and proactively address these before attackers take advantage.” Without risk prioritization, it’s easy to waste time and money on activities like penetration testing (pentesting) on non-critical systems. Prioritizing risk is a lot easier said than done, but AI offers a way forward.

Darktrace’s new PREVENT solution is taking on this challenge. It offers a predictive and preventative approach for tackling cyber-threats and business risk by using AI to “think like an attacker.” The solution finds pathways to an organization’s most critical assets from inside and outside. It works at the levels of attack surface management (ASM), attack path modelling, pentesting and breach emulation.

“This technology is making the job of the attacker much harder,” said Poppy Gustafsson OBE, CEO at Darktrace. “It arms security teams with unprecedented, AI-powered tools, which can pre-empt even the most complex cyber-attacks. It represents a fundamental shift in cyber-security, putting security teams on the front foot as they seek to protect their organizations and build cyber resilience.”

Ultimately, solutions like PREVENT exist to augment the human mind, minds that are increasingly affected by the stress of the job. “Burnout is very real,” Eagan said. “One of the main purposes of PREVENT is to provide facts that can bring people together so they can work more harmoniously in their cyber defense roles.” Indeed, as Eagan pointed out, the PREVENT AI can emerge as a virtual team member in the cybersecurity organization. “It’s like having a supersmart colleague who can see around corners, but never takes a day off.”