Artificial Intelligence & Machine Learning , Next-Generation Technologies & Secure Development , RSA Conference

Threat Response: SOC Analysts Prepare for an Uphill Battle

IBM Security's Mary O'Brien Discusses Barriers to Efficient Threat Response
Mary O'Brien, general manager, IBM Security

The speed at which we're seeing ransomware attacks has increased dramatically in the last couple of years - and it's only getting faster, warned Mary O'Brien, general manager, IBM Security. Ransomware deployment has increased from three months to four days on average.

See Also: MITRE and XDR Integration | Enhancing Threat Detection and Prioritization of Advanced Threats

The rapid acceleration of threats and security incidents has made security operations centers, or SOCs, more vigilant. As businesses digitize, the attack surface is getting more sophisticated. SOC analysts are grappling with numerous challenges. O'Brien said they are inadequately resourced as they attempt to manage a plethora of security tools, extract data from each of them, integrate the data and make sense of it all. Artificial intelligence may offer a solution.

"After many years of security, the security fraternity is talking about adopting AI and automation. I think we have finally reached a point where AI has become sophisticated enough to demonstrate some real value to the SOC analysts," she said. "At IBM, what we're using AI and automation for is to take the noise out of the system, to allow machines to do what machines do. We have taught the machine how an analyst would handle low security risks."

In this video interview with Information Security Media Group at RSA Conference 2023, O'Brien also discusses:

  • How the speed of ransomware deployment has changed in recent years;
  • The most significant challenges SOC analysts face today;
  • How tools like ChatGPT can help SOC analysts investigate ransomware.

O'Brien is responsible for leading the strategic direction and growth of IBM's extensive security software portfolio. She leads a global team focused on delivering products that secure the hybrid cloud and mission-critical data for enterprises. She has more than 30 years of industry experience in the U.K., U.S. and Ireland.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.