Transforming Cyber Defence with Agentic AI

By Micah Heaton, Executive Director, Microsoft Security Centre of Excellence at BlueVoyant.

We have entered a dangerous phase in cyber security marked by the rise of deepfakes, polymorphic phishing schemes, and AI-driven reconnaissance tools that are now both accessible and highly effective. The expense of launching an attack has significantly decreased, enabling untrained threat actors to create increasingly sophisticated attacks that breach user security, infiltrate infrastructure, and extract valuable data in just hours instead of days.

At the same time, the cost of defending a company’s perimeters remains constrained by budget cycles, compliance requirements, and multiple levels of change control. Security teams are often burdened with the impossible task of sifting through large amounts of data to detect signs of a security breach. This is true of 85% of analysts, who spend substantial time gathering evidence to turn an alert into a usable security case.

This ultimately constrains security teams' ability to focus on more urgent security issues and threats. Therefore, these teams must begin offloading and automating some of these processes to ensure better accuracy and efficiency when navigating the complex threat landscape.

Introducing Agentic AI 

This is where Agentic AI steps in as part of an established Managed Detection and Response (MDR) solution, enhancing the role of the analyst rather than replacing them. Agentic AI acts autonomously, making decisions rather than simply assisting, while continuously learning and improving over time. This can help offload the burden of tasks that security teams are inundated with.

Human involvement in threat investigations can lead to costly errors and inconsistencies for organisations. Agentic AI is changing this dynamic by taking independent action, using machine learning to triage, investigate, respond, and escalate issues at machine speed. This technology enhances the detection and response to high-value threats with greater accuracy, while minimising human error. 

Agentic AI in Action

Agentic AI isn’t just a theory; it is already reshaping how security operations centres (SOCs) detect and respond to threats. Agentic AI provides critical insights that might be overlooked due to user errors and misconfigurations. Monitoring the threat landscape 24x7, Agentic AI tools ensure timely escalation and support for security incidents, particularly when human teams may be less vigilant or response times are prolonged.

Other Agentic AI capabilities include:

Auto-prioritisation of alerts ranks alerts by considering the risk context rather than relying on predefined severity scores.

Case summarisation analyses and learns from the behaviours of top analysts to enhance decision-making and efficiency.

Response recommendations offer actionable suggestions for responding to incidents, complete with supporting evidence to facilitate faster resolutions. 

Threat hunting queries are generated, fine-tuned, and executed proactively, eliminating the need for analysts to wait for a formal ticketing process to begin investigating potential threats.

Speed Without Losing Control

While the demand for speed is essential as security teams manage the evolving attack landscape, it must not come at the expense of accountability and responsibility. Agentic AI models must operate with user control, transparency, accountability, and explainability in mind, as per the guidelines below:

User Control: Provides human experts with the ability to define the appropriate level of automation for their operating and business environments. Users can decide when to relinquish control to automation and when to override it in case of any errors to avoid impacting business and service continuity.

Transparency: Any actions taken by the system using artificial intelligence should provide reasoning and references to the data points that were used and clear identification of when AI is in use. 

Explainability: Provides extensive information on the process of generating AI-produced content, instilling confidence in the content.

Accountability: Ensures AI and AI-powered features are accountable, making the natural interlacing of human and machine actions easily distinguishable for reporting or auditing.

Redefining AI in Cyber Security 

Agentic AI marks a critical shift in how cyber professionals tackle increasingly sophisticated and complex threats. It empowers analysts to move beyond responding to alerts, allowing them to instead focus on high-level decision-making and innovative, strategic thinking. 

By redefining the existing rules of engagement between AI and cyber security, organisations can effectively navigate complex cyber security challenges and safeguard their networks against potential breaches and attacks, at a time when the financial, legal, and reputational stakes have never been higher. 

In doing so, businesses can maintain a competitive edge, enabling them to remain one step ahead of malicious actors.
