Companies in Hong Kong and elsewhere are expected to turn to cognitive technologies to help shorten the time needed to extract insights from the mountains of security data in their continuing fight against cyber threats.
“Machine learning (ML) including cognitive computing capabilities is at the core of next-generation IT security. There will be different implementations and innovations from various security vendors and we also see previously non-security type companies with machine learning capabilities introduce security products based on their vast ML experience,” said Chwee Kan Chua, assistant vice president - Big Data Analytics & Cognitive/AI Computing Practice, and Global Research Director, IDC Asia Pacific.
He added: “Cognitive and new methods of machine learning such as deep learning are driving the next generation of security information and event management (SIEM) systems by providing new capabilities to predict and react to new unknown threats.”
Chua made the observation as IBM rolled out its augmented intelligence technology, Watson for Cyber Security, in Hong Kong recently to help IT security analysts to quickly extract insights from the great volumes of security alerts that their organization receives every day.
A recent IBM study found that only 7% of security professionals are using cognitive tools today, but the usage is expected to triple over the next two to three years.
Making cybersecurity smarter
“Cognitive technologies will be critical to security operations centers – adding the ability to quickly interpret this data and integrate it with structured data from countless sources and locations,” said Job Lam, IBM Security, Greater China, IBM China/Hong Kong. “We have met many CSOs in banks based in Greater China who are simply overwhelmed by the number of security alerts that they receive on a daily basis. They are now hiring security analysts, but these experts still need help in reducing the time to handle the alerts as their organization faces a growing number of cyber incidents.”
According to IBM Research, enterprise security teams have to sift through more than 200,000 security events per day on average, leading to over 20,000 hours wasted annually on chasing false positives.
Furthermore, IBM data showed that they have to interpret 75,000+ documented software vulnerabilities, 10,000+ security research papers published each year and 60,000+ security blogs published each month.
“There is simply not enough time to go through all that data. To make the problem worse, companies cannot find enough qualified security analysts. IT hiring experts have predicted that there will be 1.5 million open and unfulfilled security positions by 2020,” said Leo Leung, senior business manager, IBM Security Business Unit, IBM China/Hong Kong.