Ai in Cybersecurity Define Your Direction
Ai in Cybersecurity Define Your Direction
New
has disrupted business as usual. It’s also adding new levels
s
threat
of risk and distraction to an already challenging security
nd
landscape. And despite the upheaval, AI hasn’t yet fulfilled Cost a s
rce
its promises. ved resou Qualit
y
Impro e
s s
Still, yesterday’s disruption is tomorrow’s opportunity.
a n t i f iable defen n
Huma ion metric
Qu
Beyond the hype lies real promise for harnessing AI’s value.
mes entat
outco o m i s es of a u g m
AI can and will transform how organizations operate — Pr
ctivity
including security. In the meantime, as the challenges of Full produ
AI become more apparent and AI applications continue to ation
mature, turn your focus toward: autom
• Rightsizing AI’s impact
• Prioritizing key areas of risk
• Maximizing AI’s value
• Anticipating future changes
Generative AI
Source: Gartner
Gartner for Cybersecurity Leaders Follow Us on LinkedIn Become a Client AI in Cybersecurity: Define Your Direction 2
Minimize disruption Manage risk Harness AI
Gartner for Cybersecurity Leaders Follow Us on LinkedIn Become a Client AI in Cybersecurity: Define Your Direction 3
Minimize disruption Manage risk Harness AI
Gartner for Cybersecurity Leaders Follow Us on LinkedIn Become a Client AI in Cybersecurity: Define Your Direction 4
Minimize disruption Manage risk Harness AI
Source: Gartner
Gartner for Cybersecurity Leaders Follow Us on LinkedIn Become a Client AI in Cybersecurity: Define Your Direction 5
Minimize disruption Manage risk Harness AI
Prioritize securing
GenAI applications GenAI acceptable use policy (AUP)
Security service edge (SSE) product to secure web and SaaS usage
applications Bot detection controls to ensure only humans use GenAI applications
Gartner for Cybersecurity Leaders Follow Us on LinkedIn Become a Client AI in Cybersecurity: Define Your Direction 6
Minimize disruption Manage risk Harness AI
Focus on 3 key
areas of risk
GenAI promises multiple benefits,
Content anomaly Data Application
including greater efficiency and detection protection security
productivity. It also introduces three
new categories of risk.
Gartner for Cybersecurity Leaders Follow Us on LinkedIn Become a Client AI in Cybersecurity: Define Your Direction 7
Minimize disruption Manage risk Harness AI
onitor usage continuously against stated objectives, and adjust usage parameters
M
on an ongoing basis.
Gartner for Cybersecurity Leaders Follow Us on LinkedIn Become a Client AI in Cybersecurity: Define Your Direction 8
Minimize disruption Manage risk Harness AI
onitor changes in the threat landscape such as declines in detection accuracy and performance
M
of existing security controls. Ensure you have access to the right intelligence on the changing threat
landscape; scenario planning for future GenAI attacks is tricky and might not be the most profitable
use of resources.
Gartner for Cybersecurity Leaders Follow Us on LinkedIn Become a Client AI in Cybersecurity: Define Your Direction 9
Minimize disruption Manage risk Harness AI
repare and train your teams for dealing with direct (privacy, IP, AI application security) and indirect
P
(other teams using GenAI, such as HR, finance or procurement) effects stemming from GenAI uses
across the enterprise.
Gartner for Cybersecurity Leaders Follow Us on LinkedIn Become a Client AI in Cybersecurity: Define Your Direction 10
Minimize disruption Manage risk Harness AI
Invest in exposure management and threat intelligence to identify the most relevant threats.
Gartner for Cybersecurity Leaders Follow Us on LinkedIn Become a Client AI in Cybersecurity: Define Your Direction 11
Critical leadership roles to successfully set a strategy and implementation plan for AI
CIOs are looked to by their CEO, peers and the board to develop a formal AI strategy Cybersecurity leaders must ensure that cybersecurity and data privacy are an
(and/or name an AI lead) and successfully: integral part of AI strategy and successfully:
• Set an AI ambition for the whole enterprise and identify use cases and quantify • Provide overall program oversight on security and risk
benefits and risks • Anticipate and take actions against unforeseen consequences such as data breaches
• Align business and technology teams and change organizational competencies to or copyright violations
support AI • Continuously update skills and readiness against new threats
• Name an AI lead to orchestrate ideas and promote innovation
CDAO/Data & Analytics Leader + Team Enterprise Architecture Leader + Team Software Engineering Leader + Team
D&A leaders are expected to lead their organizations EA leaders are expected to drive tangible business Software engineering leaders must understand
in setting the data for AI strategy and must value from AI and must successfully: the implications of AI technology in depth and
successfully: successfully:
• Own the full AI infrastructure roadmap
• Identify AI use cases for augmented analytics and • Govern AI technology architecture investment • Clarify the desired business outcomes for AI
data management decisions integration
• Leverage existing D&A practices and establish D&A • Lead decision making about adopting AI solutions • Establish AI engineering best practices across the
governance policies for AI to drive business outcomes organization
• Develop new sources of value from data leveraging AI • Transform products, services and experiences and
• Be AI-data ready build an AI-first approach into roadmaps
Gartner for Cybersecurity Leaders Follow Us on LinkedIn Become a Client AI in Cybersecurity: Define Your Direction 12
Our research revealed several insights on how to enable each
role to take effective action toward valuable AI outcomes.
CIO/Head of Judiciously choose where to focus AI efforts Align the business on pilots based on potential Lead AI adoption for the enterprise by making it
Technology following Gartner best practices to select the business value and feasibility, looking for disruption an innovation practice with dedicated leadership,
highest-impact business metrics potential while enabling strategic objectives allocated resources and funding, guardrails, and
governance
CISO/Security Stay ahead of sophisticated attackers using Identify the best use cases for AI based on More effectively manage AI risk with teams
Leader + Team AI behavior models to improve threat detection feasibility and risk reduction using Gartner’s AI Prism working on AI projects evaluating cybersecurity
capabilities for Cybersecurity considerations at each stage of development
CDAO/Data & Drive alignment by quantifying expected value More effectively prioritize use cases by selecting Efficiently drive AI delivery by augmenting cross-
Analytics Leader of AI to a specific KPI and establishing leading and business value dimensions, refining use cases, and functional teams with data experts, using the most
+ Team lagging metrics to monitor driving engagement and decisions appropriate techniques and keeping technical debt
low
Enterprise Create an effective AI ecosystem by identifying More strategically plan AI initiatives using Deliver target business outcomes and avoid
Architecture areas for deeper investigation and developing AI Gartner’s four-step capability modeling approach for failures by following Gartner’s five-phase approach
Leader + Team plans and strategies an optimal AI infrastructure to AI execution
Software Deliver world-class application development Maximize the value of AI by identifying areas of Generate breakthrough ideas by combining human
Engineering operations by adopting AI-augmented software software testing where AI will be most applicable experts with generative AI to improve exploration
Leader + Team engineering practices and impactful, such as in visual testing and understanding of the solution space
Gartner for Cybersecurity Leaders Follow Us on LinkedIn Become a Client AI in Cybersecurity: Define Your Direction 13
Actionable, objective insight
Explore these additional complimentary resources and tools: Access other AI insights from Gartner:
Building a Value-Driving AI Strategy for Your
Insights Insights Business
Cybersecurity Trends: Optimize for Resilience Build a Resilient Cybersecurity Roadmap for
and Performance Your Enterprise Get AI Ready — What IT Leaders Need to Know
See how top trends reflect the need for more agile and Keep your team focused on projects that support and Do
responsive programs. business goals and address risks.
AI-Ready Data Essentials
Tool Webinar
Gartner Cybersecurity Business Value Navigate Evolving Risks & Security Challenges Cybersecurity and AI: Enabling Security While
Benchmark in Enterprise AI Systems Managing Risk
Explore new standardized measures to benchmark vs. Learn how to secure AI and implement required measures
peers, mitigate risk and meet business objectives. to prevent AI failures.
Already a client?
Get access to even more resources in your client portal. Log In
Advance your AI
strategy by attending
a Gartner conference
Join your peers to share valuable insights on how to
communicate AI’s opportunities and risks; strategize,
pilot and scale; and manage AI’s impact on enterprise
software, talent and skills, risk, trust, and governance.
© 2024 Gartner, Inc. and/or its affiliates. All rights reserved. CM_GTS_3105197
Connect With Us
Get actionable, objective insight that drives smarter decisions and
stronger performance on your mission-critical priorities. Contact us
to become a client:
U.S.: 1 855 811 7593
International: +44 (0) 3330 607 044
Become a Client