Artificial Intelligence Becoming Commonplace in Security Measures- What's Next?
In the ever-evolving landscape of cybersecurity, the integration of Artificial Intelligence (AI) is becoming increasingly crucial. AI-enabled security services are not just about advanced technology; they offer tangible benefits that contribute to a company's overall security posture and business goals.
Dave Merkel, co-founder and CEO of Expel, a cybersecurity provider headquartered near Washington, DC, emphasizes the importance of focusing on business outcomes when communicating the Return on Investment (ROI) of AI-enabled security to stakeholders. This approach involves using clear units, trends, and comparables against industry frameworks.
To help organizations identify AI-enabled cybersecurity providers that deliver real, demonstrable value, we've compiled a framework based on current industry standards and expert insights. Here are the key factors and best practices to consider:
1. Trustworthiness and Robustness of AI Systems
Select providers whose AI tools are robust and reliable under diverse and evolving threat conditions. The AI should be resilient to failures and adversarial attacks, explainable in its decision-making processes, controllable with meaningful human oversight, transparent about limitations, and operational scope. These attributes are essential to build confidence in AI solutions within sensitive security environments.
2. Proven Risk Management and Governance Practices
Ensure providers implement strong governance frameworks consistent with established standards such as ISO 42001. This includes documented risk assessments and risk registers for AI-related threats, well-defined mitigation plans with ongoing risk monitoring, and compliance with fairness, privacy, and transparency obligations. Adherence to such audits demonstrates a mature approach to managing AI risks and building accountability into the cybersecurity solutions being provided.
3. Integration with Zero Trust and Endpoint Security Models
Evaluate how the AI fits into a Zero Trust architecture by assessing its ability to provide real-time risk scoring at the user and endpoint level through anomaly detection, behavior analytics, and threat intelligence inputs. The AI should also have the capability for dynamic patch prioritization, focusing resources on high-risk vulnerabilities based on device criticality and exploitability rather than blanket patching.
4. Hybrid Human-AI Offensive Security Testing
Look for providers that combine autonomous AI-driven testing with expert human validation. This approach scales continuous penetration testing and vulnerability discovery with AI agents, has skilled human analysts validate findings, mitigate false positives, and contextualize risks based on business logic. Regularly updating testing scope with architecture, threat, and user behavior changes ensures relevance.
5. Alignment with Business Objectives and Measurable Outcomes
The AI-enabled security solution should align clearly with your specific business goals, such as protecting revenue-critical systems, minimizing downtime, ensuring regulatory compliance, and provide demonstrable metrics like improved threat detection rates, reduced response times, lower false positives, and prioritized remediation impact.
6. Learning From AI and Cybersecurity Evaluation Standards
Adopt lessons from broader AI evaluation frameworks and cybersecurity testing regimes, emphasizing continuous evaluation and testing of AI model performance against emerging threats, transparent reporting, and iterative improvement cycles. Alignment with best practices from cybersecurity standards for safety and security evaluation is crucial.
By applying this framework, your organization can identify AI-enabled cybersecurity providers who not only deliver advanced technological capabilities but also demonstrate clear, measurable contributions to your security posture and business goals. AI-enabled security investments reduce the likelihood of cyber incidents, leading to minimal business disruption, and free up resources for better optimization, allowing human analysts to focus on strategic initiatives.
As business leaders, it's essential to consider if your investments in cybersecurity are sufficient to stay ahead of growing threats. AI-enabled services can help organizations meet regulatory and legal requirements, avoiding fines, consent decrees, and lawsuits. They can also mitigate unplanned direct and indirect costs associated with incident response, technology rebuilds, recovery, and shifted attention and resources.
Faster detection and remediation of cyber incidents result in fewer breaches, creating a more resilient organization. Moreover, AI-enabled services can reduce reputational risk by avoiding negative PR, loss of brand trust, and anything that reduces competitiveness in a market. In essence, the right AI-enabled cybersecurity provider can be a game-changer for your organization, bolstering your defenses, and driving your business forward in a secure and efficient manner.
Dave Merkel, in his role as co-founder and CEO of Expel, emphasizes the importance of demonstrating the financial advantages (ROI) of AI-enabled cybersecurity solutions in terms of business objectives, using clear units, trends, and comparables against industry frameworks.
In the evaluation of potential AI-enabled cybersecurity providers, it's crucial to consider their alignment with an organization's specific business goals, providing demonstrable metrics such as improved threat detection rates and reduced response times.
