Security Operations Centers Need Intelligent Data

An Intellyx BrainBlog by Eric Newcomer | Part 2 of the Auguria Data Experience Series

Organizational Security Challenges

Every large organization allocates a budget to run a Security Operations Center (SOC) or similar cybersecurity defense department. Smaller organizations tend to use a managed service bureau.

Either way, someone takes responsibility for the day-to-day cybersecurity defense of the organization and ensures it’s adequately protected against incidents and breaches. And the risk of incidents and data breaches continually increases.

SOC teams (or their equivalents) spend their days monitoring network traffic and responding to any cyberattacks they detect. Unfortunately, doing more with less is always on every organization’s mind.

Improving the SOC function while keeping costs under control is something everyone is thinking about, but it can be difficult to find the time and energy to transform the function when the team is always in firefighting mode and working within budget constraints.

Generative AI can help. Many cybersecurity vendors are adding AI to their products to filter and correlate alerts, identify priorities for the SOC team to focus on, and suggest (or automatically invoke) remediation actions.

But as many observers of generative AI have correctly pointed out, the quality of a generative AI solution is only as good as the quality of the data available. While hallucinations and incorrect results are inevitable, if you improve the data you improve the results.

How to Improve the Situation

Effectively curating cybersecurity data is the single largest problem area to address for successfully using AI to improve SOC productivity and efficiency.

A good approach to improve the situation is to create a knowledge layer between the alerting and monitoring systems and the analysts who are deciding which issues to remediate and how to remediate them.

The idea is to create an environment in which the SOC team is leveraging the advanced intelligence available through the curated knowledge layer and skilled application of AI. This can change the game entirely.

Read Part 2 of the series here: https://hubs.ly/Q0429nF_0
