Data breaches and cyber threats have become an industry norm and the world of cybersecurity now finds itself at an interesting dichotomy. While automation presents unparalleled benefits in boosting defences and enhancing teams’ agility to counter cyber threats, its rise has also created highly sophisticated adversarial attacks, internalising the logic of automated tools to deceive them. Now that the tools of the trade are mastered by hackers, enterprises are becoming more vulnerable to infiltration. Nevertheless, AI stands as an indispensable asset to build long standing digital resilience. It streamlines workflows and provides constant monitoring, becoming an active and reliable companion to cybersecurity teams. Yet, not all AI security solutions are created equal. CISOs have to navigate the nuances of AI integration while ensuring human expertise continues to guide cybersecurity efforts.

The CISO role and their outlook towards automated tools

Amidst the adoption of automation to eliminate security threats, Indian enterprises experience an unusually large attack surface due to highly complex and fragmented security stacks. These factors are contributing to increased vulnerability, leading to mounting cybersecurity challenges. According to Splunk’s State of Security 2023 report, organisations in India have encountered a 59% increase in breaches over the past two years, compared to 45% within the broader APAC region. As the volume and sophistication of security threats rise, their susceptibility to breaches will only widen if they do not take action.

In response to these challenges, CISOs in India are rightly turning to AI-based solutions to enhance their defences for long-term organisational resilience. Employing automation is being perceived as a measure to boost defences from macroeconomic fluctuations. Today, for automation-led cybersecurity strategies to achieve higher levels of effectiveness, the role of the CISO and the broader security function is being integrated into boardroom level strategic decisions.

According to Splunk’s CISO report 2023, the vast majority (78%) of organisations now report having a dedicated board-level cybersecurity committee. However, this increased alignment with corporate strategy also needs to reflect by way of cross-collaborations with ITOps, software engineering and cloud teams. 27% of CISOs believe that this cross-functional integration is essential to bolster security defences in the long-run. This percentage is bound to increase as operating environments and digital threats continue to get complex.

True organisational resilience has to be built through a holistic approach where security leaders work closely with IT and business executives and contribute to boardroom discussions. This effective collaboration ultimately serves to enhance business resilience by minimising costs associated with long downtimes and driving effective digital transformation to adapt to the dynamic business landscape. When security teams are seen as enablers rather than roadblocks to organisational strategy, they contribute to the overall long-term success of a business.

How AI-based approaches can be implemented to address cybersecurity concerns

Despite an increasing proclivity towards including security teams in strategy-led conversations and the gradual integration of automation in threat detection tasks, CISOs continue to find themselves navigating an entangled stack of disparate data sources. Siloed security infrastructure continues to create difficulties with overseeing resource usage across multi-cloud environments. Predicting threats in advance becomes an insurmountable task, requiring constant human intervention and creating undue pressure on the team.

To overcome these hurdles and achieve more granular visibility into complex security stacks, organisations are turning to unified, full-stack AI-based tools to centralise data, correlate logs with ease and quickly detect unusual behaviour. Moreover, overseeing resource usage and allocation across multi-cloud environments becomes seamless, eliminating the need for tedious manual intervention.

It is essential though for CISOs to recognise that not all AI-based security solutions are created equal. There are three key factors that CISOs must be mindful of as they navigate the complexities of AI in the cybersecurity space:

1. Human in the loop- While AI provides significantly enhanced capabilities, it cannot operate in complete isolation. Cybersecurity professionals must be seen as the ultimate decision makers when it comes to protection strategies, requiring full access to automated security data. It is important to incorporate human intervention in the threat response process as automated systems can also be subverted by evolving infiltration mechanisms. A human in the loop solution allows for the most effective functioning of cybersecurity teams as it creates a more nuanced processing of potential threats. Security teams should ensure that their intelligence continues to guide AI-driven security efforts and course of action. AI has to then be positioned as a complementary augmentation tool that boosts productivity, working with security teams as a close enabler.
2. Open and extensible models-As a business scales its operations and updates its IT infrastructure stacks over time, it becomes important to employ cybersecurity solutions that have a high degree of interoperability with existing systems. This is where an open and extensible model shines- allowing organisations to extend their own models or cybersecurity stack that are in line with their policies, risk tolerance and local regulatory requirements. This flexibility not only safeguards digital assets efficiently, it also ensures that an organisation’s defence remains resilient and responsive to future challenges.
3. Responsible AI-As the stewards of organisational security, CISOs bear the responsibility of ensuring that AI-based solutions align with established ethical standards and regulatory frameworks. Deploying these tools in the security stack should be approached with rigorous considerations of data privacy, transparency and accountability. Ethical and responsible AI practices have to not just be perceived as regulatory requirements, and instead be positioned as moral imperatives aligned with the organisation's overall ethical framework.

As CISOs increasingly acknowledge AI’s role in cybersecurity, AI-based solutions that integrate human expertise, are open and extensible and considers AI ethics can help CISOs and their organisations build long-term resilience against ever-evolving, sophisticated threats and in turn, safeguard their digital future.

Disclaimer: The above content is published with the intention of promoting India's AI ecosystem and educating the public about AI and its developments. However, it should be noted that INDIAai and MeitY do not endorse or have any affiliations with the products, startups, and organizations mentioned in the article. Readers are advised to conduct their own research and due diligence before engaging with any mentioned entities.

• Photo by Towfiqu barbhuiya on Unsplash