Please register to access this content.
To continue viewing the content you love, please sign in or create a new account
Dismiss
This content is for our paying subscribers only

Business Analysis

Comment

On cyber security, is it time to get AI help out more?

It is early days, but AI-empowered cyber defences cost organisations less on breaches



Are Middle East businesses willing to hand over more powers to AI when it comes to cybersecurity?
Image Credit: Supplied

Companies that use data as the foundation for every business decision, strategy, and operating model have a significant competitive advantage.

As the value of data rises, the security risk expands proportionately. Cyber threats are proliferating, and cyber criminals are becoming increasingly inventive, giving Chief Data Officers (CDOs) additional challenges to consider.

According to IBM Security’s Cost of a Data Breach Report 2022, 83 per cent of the 550 organizations surveyed witnessed more than one data breach between March 2021 and March 2022. Alarmingly, the average cost of a data breach reached an all-time high during this period at $4.35 million – a 12.7 per cent hike over 2020.

This figure was even higher – $4.82 million – when critical infrastructure was involved, and climbed to a whopping $10.10 million in the healthcare sector, where the average cost of a breach has consistently been the highest. A major data breach can negate months - even years - of hard work in a blink.

Data and the 24x7 need to secure it

A survey entitled Turning data into value: How top Chief Data Officers deliver outsize results while spending less notes that the majority (82 per cent) of CDOs in the Middle East and Africa region rank security as the most important characteristic of their data architecture. (The study, conducted by the IBM Institute for Business Value in cooperation with Oxford Economics, interviewed 3,000 CDOs from more than 30 countries across 29 industries.)

Advertisement

The study also reveals that just over a half of organizations are fully compliant with data legislation and standards, and less than two-thirds of CDOs agree that their organizational data and customer data are secure and protected. In a worrying statistic, only 57 per cent of respondents in the MEA region count ensuring data security among the most critical responsibilities of their role. The lead belongs to increasing data RoI, which is top of mind for 67 per cent CDOs.

The findings highlight the need for organizations to prioritize data security and compliance by investing in robust data protection strategies and adopting the latest security technologies to protect themselves against cyber threats.

AI as the gatekeeper

Entities that use AI, machine learning, and analytics to identify and contain intrusion attempts and other incidents generally fare better than those that rely on processes driven by manual inputs to address cyber threats. Tools such as ‘Security Orchestration, Automation, and Response’ (SOAR), ‘Security Information and Event Management’ (SIEM), and extended detection and response (XDR) can help reduce data breach costs and lifecycles.

Breaches at organizations with fully deployed security AI and automation cost $3.05 million less on average than breaches at organizations with no such solutions in place. It’s no wonder that the share of companies with fully or partially deployed security AI and automation increased from 65-70 per cent between 2021 and 2022.

Secure ecosystem partnerships

Ecosystem partners serve as key value creators for corporate data strategies for almost three-quarters of organizations in the MEA region. However, they also add complexity, especially where cybersecurity and data protection are concerned.

Advertisement

Collaborative infrastructure and mutual dependencies require a shared approach to external threats; therefore, organizations need to collaborate on their cybersecurity threat intelligence with all their partners.

A chain is only as strong as its weakest link. Organizations need to be aware of the risks that come with third-parties, and how they can impact the security posture of the whole organization. Only organizations that adopt a zero-trust approach to security and protect their data on all fronts with holistic, end-to-end solutions can build confidence among their stakeholders and differentiate themselves from competitors.

It’s essential for organizations to recognize the associated risks of third-party involvement and understand their potential impact on overall security.

  • Where is your organization currently on this journey?
  • Do you have a clear and concise roadmap in the event that you were to experience a breach?
  • How would you respond?
  • Is this factored within your budgets?

Understanding the threat landscape and actively driving preparedness and response services to achieve cyber resiliency is critical.

Advertisement
Richard Mack
The writer is MEA Executive Security Consultant at IBM.
Advertisement