IBM Security Global Forum

Accelerating Threat Investigations with watsonx

By Adrian Mahjour posted Mon December 04, 2023 11:05 AM

With the move to Cloud and IT modernization, security leaders are overwhelmed by a barrage of cybersecurity technologies, a shortage of skills, and a need to respond more quickly to advanced threats across an ever-expanding attack surface. Security teams use too many disparate tools that generate too many alerts, and the reality is that there are limited skills and insufficient time to manage this complex attack surface. As a result, their security teams struggle to adapt their operations quickly enough to ensure effective detection and timely response to incidents in their environment.

Classical AI models already provide tremendous value to security analysts (Cost of a Data Breach Report, 2023). However, these human-trained AI models must improve as the threat landscape evolves. Furthermore, skills continue to be a challenge, with security becoming a shared responsibility. As cybersecurity incidents get more complicated, analysts struggle to gather the evidence for an incident promptly and consistently. Parsing large amounts of nested data requires specialized skills, which results in a slow or erroneous response to cybersecurity incidents.

Generative AI can aid organizations in getting to the next level of defense by automating manual tasks, addressing human bottlenecks, and scaling security skills. Early analysis shows that it can help analysts save up to 90% of their time investigating a security incident. Organizations can simplify the threat management chain by leveraging watsonx's large language models (LLMs) and automating the threat investigation process. Using LLMs, security analysts can save time with automated triaging, enable collaborative investigations, and generate an incident summary to allow analysts to arrive at a quick analysis and disposition of an incident.

By leveraging the power of watsonx's LLMs, organizations can accelerate the response to cybersecurity incidents. Generative AI provides tailored insights for all users, allowing executives to quickly understand the critical points in an incident while also providing analysts with a detailed and comprehensive summary. Organizations can also become more efficient by leveraging watsonx to manage repetitive tasks such as incident summarization, empowering analysts to focus on mission-critical tasks such as responding to and mitigating threats. Watsonx empowers analysts at every skill level by translating complex systems and data structures into natural language. Analysts and other SOC members can interact with models by leveraging a chat interface to gain deeper insights into their security incidents. Organizations can empower the SOC to generate accurate insights quickly, accelerate decision-making, and reduce response time by leveraging the power of watsonx.

Make sure to join me and other subject-matter experts on Dec 6th for watsonx day. Register here.