Advanced Computing in the Age of AI | Thursday, September 28, 2023

Three Ways Artificial Intelligence Is Transforming Network Security and User Experience 

Today, we stand on the precipice of a great transformation. Artificial intelligence (AI) and machine learning (ML) are fundamentally shifting the way people work, express themselves, as well as how they get business done. These innovations will not only help organizations be agile and serve their customers better, but it will also help secure them against a never-before-seen threat landscape.

AI is continuing to proliferate in our industry – according to Statista, the global AI in cybersecurity market is expected to reach nearly $47 billion by 2027. Interest in the technology will only continue to increase as we see new innovations emerge.

As organizations across the globe adopt solutions that best leverage AI to fundamentally change the way they approach security, the key question emerging is about how to get to this AI-powered nirvana state. More and more, this means moving away from fragmented and siloed tools in order to unlock the true power of data.

The “Three Cs” of Data Underpin Powerful AI and ML

In addition to the obvious benefit of simplified management, one additional attribute to consolidating your tools is the ability to leverage AI and ML across your security, networking, and user-experience management, all unified from the same data lake. For an organization to realize this full potential, however, there are three principles of data that must be followed:

  • Complete Data. You need all of the data for the problem you’re solving. This means data elements from security, networking and operations have to be collected in one central place.
  • Consistent Data. The formatting, structure and labeling of the data should be unchanged across all collected elements. Any disparities can negatively impact data quality and outcomes.
  • Correct Data. You should have unwavering trust in the data so that any output can also be trusted. The way data is collected and summarized must be the same across all of the sources feeding the data lake.

With these key data principles in place, there is a solid foundation for AI to fundamentally transform network security. Organizations can see this impact in three distinct ways:

1) Reshaping IT Operations

It’s no secret that today’s core IT operations teams, including the security operations center (SOC) and network operations center (NOC), are overworked and understaffed. As an example, the average ops team receives tens of thousands of alerts and events every day, a majority of which are meaningless and simply creating ‘noise.’ For most organizations, however, the current experience for an ops analyst includes combing through these alerts manually, to be sure a real threat isn’t missed. This is a time-consuming activity and causes security and network professionals to pour hours into work that yields very little results.

Introducing AI for IT Operations (AIOps), for example, offers deep visibility and automation across a network, including all users, branches, and applications. With this new AI-powered context, an alert or event can be connected to larger data points for more effective resolution – all within minutes. This means instead of someone needing to sift through thousands of meaningless alerts,  AIOps can help pull out the most relevant ones so the team can focus efforts on solving true issues.

2) Unearthing Unknown Threats

Just as cybersecurity tools are evolving with technology, so are the tools available to threat actors. The power of AI can help identify signs of malicious actions or operations introduced in “unknown” or unseen variants, unlike anything a human ever could. Machines are very good at sifting through the mass amount of alerts to pinpoint anomalies by scanning hundreds of thousands of data points and continuously learning hyper-specific details about an organization, which better positions the technology to flag when a new anomaly emerges. Once identified, organizations can proactively categorize and contain emerging threats before they become real problems.

3) Improving the User Experience

Not only can AI alleviate some of the pressure on security and network teams, but it can also help streamline frustrating pain points for end users. For example, troubleshooting access and performance issues have historically been a manual and slow process. When security processes like this get in the way of user experience, it often leads users to become frustrated and circumvent security to quickly solve their issues. This can lead to an organization becoming vulnerable to attacks, with looming threat actors waiting for a user to slip up and bypass security measures. AI has the ability to autonomously manage the digital experience of the end user by proactively fixing the hurdles users face before they even happen. Ultimately, the benefits are twofold – the user has a streamlined and positive experience, while security is kept intact.

Whether it’s helping us write a book, drive a car, or predicting the likelihood of developing certain diseases, AI has the opportunity to impact every aspect of our lives. And, as we begin to apply this new innovation to our organizations, we are beginning to see a future where AI will have an equally profound impact across the security and network operations, and ultimately the experience a person or business team has with technology.

About the Author

Kumar Ramachandran serves as senior vice president of Products for SD-WAN and secure access service edge (SASE) products at Palo Alto Networks. Kumar co-founded CloudGenix, establishing the category of SD-WAN, and served as CEO until the company was acquired by Palo Alto Networks in 2020. He has championed AI adoption within the company and the SASE products specifically, which is more important than ever today. Palo Alto Networks recently partnered with Wakefield Research to ask 1,300 C-suite leaders who were responsible for cyber transformation what their priorities, concerns, and opinions for the future were. Nearly half of C-suite leaders (49%) reported they feel AI will have the highest impact on security in the realm of more effective threat detection.

Prior to founding CloudGenix, Kumar held leadership roles in Product Management and Marketing for the multi-billion-dollar branch routing and WAN optimization businesses at Cisco. Prior to Cisco, he managed applications and infrastructure for companies such as Citibank and Providian Financial. Kumar holds an MBA from UC Berkeley Haas School of Business and a master's in computer science from the University of Bombay.

About the author: Tiffany Trader

With over a decade’s experience covering the HPC space, Tiffany Trader is one of the preeminent voices reporting on advanced scale computing today.