Author: Matt Rodgers, Head of Product
Recently in an interview I was asked what I thought the opportunity was for Artificial Intelligence (AI) to improve the security landscape in the enterprise for CISOs. This was a tough question for me.
Sure, there are already many articles on how 2017 is the year of AI, but none that I’ve seen from a CISO’s perspective.
I’m not sure that I’ve ever been in a position to postulate about something that (1) was within reach of the average enterprise, and (2) can have so much impact on the security operator and CISO. So, I immediately rattled off an answer that sounded canned: “AI will improve security operations by automatically finding things that humans just can’t.”
I walked out of the interview feeling a little weird; I wasn’t able to give a complete answer.
First, I don’t think about machine-learning-based detection as AI very often, so I need to catch up with the popular parlance. Second, the details of how I think security operations and, more importantly, CISOs’ investments will improve with AI didn’t come across in my answer. So, I did what we all do sometimes, I went to Starbucks, stood in line… waited… and thought about it.
What I thought about was: how should we discuss the opportunity that AI presents to security analysts, security operations, and CISOs in the future? I wondered what would happen if we thought about the question from a cost/benefit perspective.
Below, I’ve attempted to draw out the costs and the outcomes — where the costs are the investments being made, and the outcomes are the benefits from those investments. I tried to simplify my thinking here, so I used a “Small/Medium/Large” concept in a 3×3 matrix. What developed seems to be a simple model depicting the opportunity to embrace the advantages of AI in the operations environment from a CISO’s perspective.
(As an aside, I bet if someone applied Moore’s Model of Technology Adoption Lifecycle, we might have an interesting maturity model for AI in enterprise security operations. Alas, that will have to be a blog post for another day.)
Security Investment Matrix
Please share your thoughts on this model. Help evolve this idea!
Perhaps, as this view of how AI fits into the big “operations” picture evolves, I’ll get better at waxing poetic about the opportunities that come with AI.