Comments
While data breach costs have been rising steadily, positive signs of cost savings through use of new technologies are emerging, says Vikas Arora, IBM Cloud and Cognitive Software Leader, IBM India/South Asia.
Cognitive systems and artificial intelligence (AI) as well as proper planning for incident response can significantly reduce theses costs, Arora told BusinessLine.
"Simplified automation alone will not work for organisations facing various kinds of threats. Today, an average security analyst investigates 20-25 incidents each day."
Complex alerts
It takes the average analyst 13-18 minutes to compare indicators of compromise to logs, threat intelligence feeds, external intelligence and manual research can yield false positives.
To make matters worse, with the changing landscape, security analysts struggle against an increasing volume of complex alerts, Arora observed.
With Security Operation Centres (SOCs) facing a talent crisis, there are too few qualified analysts who can handle the amount of alerts received on a daily basis.
As per a 2018 IBM Ponemon study, the average cost for a data breach in India was ₹ 11.9 crore. Average mean time to identify data breach increased from 170 days from previous year to 188 days. ‘Malicious or criminal attacks’ took 219 days on an average to be identified.
Incident response
The report further highlighted that the average mean time to contain data breach had increased from 72 from previous year to 78 days. Average time to contain 'malicious or criminal attacks' took 99 days.
Research has shown that 'intelligent orchestration' of the SOC can triple incident response (IR) volume and reduce time to response significantly thereby reducing average cost of data breach, Arora said.
Intelligent orchestration is the next generation of incident response, and goes well beyond standard orchestration and automation efforts.
It combines machine intelligence - which includes threat intelligence, incident context, and artificial intelligence – with human context, he explained.
"This enables even faster and more accurate decision making. It combines with an organisation’s knowledge and procedures, integrating across all of its SOC tools to deliver a guided response."
'Guided response'
A 'guided response' enables the right analyst or executive to receive the right information at the right time, Arora said.
IBM’s intelligent orchestration with the Resilient Incident Response Platform, a complete IR orchestration and automation platform, resets the standard for IR by accelerating the entire response process.
Intelligent orchestration empowers organisations to outsmart, outpace, and outmanoeuvre complex cyber security threats. Many Fortune 500 companies, and hundreds of partners globally today depend upon IBM for resilient best-in-class security solutions.
"This is an exciting leap into the future of incident response – a market that we pioneered and continue to innovate," Arora added.
A comprehensive ecosystem of security solutions powered by AI can enable the enterprise to prepare for sophisticated cyber threats, respond proactively to risks, and apply lessons learned to create future safeguards.
Comments
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.