As a continuation of the "Artificial Intelligence and Its Relation to Cybersecurity" blog, this blog maps Artificial Intelligence (AI) Cybersecurity Applications to X-Analytics to provide a direct association to the X-Analytics Industry Benchmarks and other X-Analytics datasets.
The Link Between AI Cybersecurity Applications to X-Analytics
AI CS Application | X-Analytics Control Effectiveness | X-Analytics Loss Category |
Threat Detection and Prevention | ​Data Breach, Business Interruption, Misappropriation, Ransomware | |
​Intrusion Detection and Prevention Systems (IDPS) | ​​Network Monitoring and Defense (CIS CSC #13) | ​Data Breach, Business Interruption, Misappropriation, Ransomware |
​User Behavior Analytics (UBA) | ​​​Data Breach, Business Interruption, Misappropriation, Ransomware | |
Malware Detection and Analysis | ​​Data Breach, Business Interruption, Misappropriation, Ransomware | |
​Vulnerability Management | ​Data Breach, Business Interruption, Misappropriation, Ransomware | |
​Automated Incident Response | ​Incident Response Management (CIS CSC #17) | ​Data Breach, Business Interruption, Misappropriation, Ransomware |
​Fraud Detection | Misappropriation of Funds and Intellectual Property | |
​Security Analytics | ​Data Breach, Business Interruption, Misappropriation, Ransomware |
In the above table, the X-Analytics Control Effectiveness maps to the Center for Internet Security (CIS) Critical Security Controls (CSC).
In the above table, X-Analytics Loss Category definitions can be found here.
Can I Justify the Cost of an AI Cybersecurity Application?
Yes, the cost of an AI Cybersecurity Application can be justified using the X-Analytics Enterprise Application or other cyber economic application. The process is straightfoward.
Make a note of your organization's current annual exposure to cyber.
Create a duplicate exposure profile, modify where an AI cybersecurity application would improve your current control implementation, and make a note of your "what-if" annual exposure to cyber.
Subtract your "current annual exposure to cyber" from your "what-if annual exposure to cyber". Let's call this value your loss improvement.
Since most AI solutions eliminate human (or employee) costs, add those cost savings to your loss improvement. Let's call this value your total improvement.
Compare your total improvement to the cost of implementing the AI cybersecurity application.
If your total improvement value is greater than your cost of implementation, then you have justified the cost of an AI cybersecurity application. However, if the total improvement value is less than your costs of implementation, then you may want to reconsider your options.
Ultimately, AI is not a standalone solution. It should be integrated with human expertise and combined with other security measures. Additionally, AI will make mistakes. Hence, it is important to include skilled human labor to solve for insufficient data and training, algorithmic limitations, lack of context, adversarial attacks, and technical issues.
Comments