Cybersecurity is one of the highest costs that enterprises face at 12% of IT budgets on average, and this cost is rapidly rising. While a company can lay off staff or reduce marketing and R&D expenses during a period of lower growth, enterprises cannot compromise on cybersecurity. The rise in the number of attacks and the increased sophistication of attacks means this expense will continue to grow, yet AI and automation can help.
According to Cybercrime Magazine, if cybercrime were a country, it would be the world’s third-largest economy, second to the United States and China. The costs that enterprises dedicate to cybersecurity are expected to increase from $8 trillion to $10.5 trillion by 2025. Statista agrees with Cybercrime Magazine’s estimates, stating the cost of cybercrime will reach $10.3 trillion by 2025 and $13.8 trillion by 2028.
At the I/O Fund, we are positioning for AI and automation to play an important role in this critical, no-compromise industry. There are 560,000 new pieces of malware detected every day, and software systems cannot keep up with this. AI is already assisting human teams in identifying which threats require more analysis, and in the near-term, this will meaningfully lower cybersecurity costs. There is also a shortage of cybersecurity talent, with a 2022 survey stating 59% of companies have a shortage in this department and may not be able to effectively handle a cybersecurity attack.
Below, we look at how AI is set to disrupt cybersecurity next and what is being said on the topic.
How AI Can Improve Incident Response and Threat Detection
Combining cybersecurity with AI has a natural affinity as cyberattacks are computer generated, and in turn, computers are uniquely capable of finding computer-generated threats. Automation reduces the number of false positives. Instead of getting every piece of telemetry that requires the security team to investigate, AI-assisted endpoint detection and response solutions eliminates the noise so that the security team is only responding to those that have the potential to be critical.
Fundamentally, cybersecurity is a data problem. Cybersecurity platforms ingest, correlate, and query petabytes of structured and unstructured data from disparate external and internal sources in real-time. Cybersecurity platforms then build rich context and deliver greater visibility by constructing a dynamic representation of data across an organization.As a result, AI-driven cybersecurity platforms are often highly accurate in triggering a response.
The number of endpoints in a corporate network are exponentially growing with 27 billion endpoints expected to be connected by 2025. There have been staggering studies done that show 68% of enterprises have experienced a compromised endpoint. Compromised credentials across desktops, laptops, and mobile devices are often the hardest points of access to secure. Algorithms can detect new malware on endpoints based on the attributes of known malware. Unauthorized access, data breaches and cyber threats from endpoints will also help to drive demand for edge-based, decentralized AI cybersecurity solutions.
The network security market is a large contributor to cybersecurity spend. Machine learning algorithms help systems to learn by experience, which helps to identify malware in encrypted traffic and find insider threats. Machine learning algorithms do not need to decrypt, rather can spot the malicious patterns and find threats hidden with encryption.
Cloud security is the fastest growing segment within cybersecurity. AI/ML can help to identify suspicious cloud app logins, detect location-based anomalies, and quickly identify threats through IP reputation analysis. Threat prevention is possible through ingesting cloud telemetry with AI systems, foregoing the need for expert rule engineering. Attack path simulation is also made possible with AI, to help simulate the path an attacker would take to reduce coverage gaps. Egress web traffic can be monitored without the need to configure virtual machines by focusing on limiting egress based on source, identity, destination and request types. Machine learning models can also detect new API threats based on large training data sets. These are a few examples of how AI/ML is improving cloud security.
Chat-GPT heightens security risks as generative AI is capable of writing malicious code or acting as a sidekick to the human hacker writing malicious code. To level the playing field, the best defense will also be self-learning, generative AI tools. The downloads for Chat-GPT have plateaued considerably among consumers. Meanwhile, the use of Chat-GPT among hackers is rising on an exponential curve. This helps illustrate why the adoption curve for AI may be healthier among enterprises (rather than consumers) in the medium-term.
According to Mackenzie Jackson, a developer advocate with GitGuardian, Chat-GPT is likely to give rise to a greater number of hackers. This new generation is called “AI Hackers” because previously they could not hack on their own, but are now able to hack with generative AI as their sidekick.
Source: RAPID7: BAIN & COMPANY
What the C-Suite is Saying About AI & Cybersecurity
McKinsey released a recent report where 53 percent of organizations believe generative-AI is driving new risks in cybersecurity. Not only can AI help enterprises expedite threat detection, but hackers can also expedite the end-to-end attack life cycle. In another survey, 38 percent of enterprises stated they are mitigating AI-related cybersecurity risks compared to 32 percent who are mitigating inaccuracies, indicating cybersecurity is the top risk that is AI-related at this time.
According to Forbes, 56% of enterprises ranked governance, security and auditability issues as their highest-priority concern with AI/ML spend. This survey was completed in 2021, and it’s likely this number is higher today.
What Public Company CEOs are Saying
Microsoft has one of the largest cybersecurity businesses in the world at $20 billion. This is larger than six best-of-breed companies combined. The company has been working for years on new automation features called CoPilot, which was released to the public this month. Although it’s being marketed for Windows, Office 365 and the browsers Bing and Edge, yet will also become an AI companion for it’s cybersecurity business. Per the CEO in the most recent earnings call: “our Security Copilot, the first product to apply this next generation of AI to SecOps will be available to customers via paid early access program this fall.”
Source: BETH KINDIG’S TWITTER
Palo Alto Networks is a company that has outsized returns this year of up to 78% following the most recent earnings call. It’s currently trading at 66% gains YTD. The CEO stated in the most recent earnings call: “I think what’s important to understand is that over the last five years, cybersecurity TAM has continued to rise. It has grown at approximately 14%, and it has grown twice the pace at which the IT market has grown […] and possibly now with the sort of arrival of AI as a mainstream opportunity, every one of us is trying to make sure we grab that with both hands. So, we will continue to see the pace of technology spend go sort of up or forward.”
Cloudflare is a stock that is up 35% YTD and is edging out the Nasdaq-100 this year, which is no small feat given the rally Big Tech has seen. The CEO recently stated that his company is seeing an uptick in business on their R2 product: “And by our estimates, Cloudflare is the most commonly used cloud provider across the leading AI startups. They’re using R2 to help arbitrage the lowest GPU cost to train their models.”
Using AI to identify threats and for pattern recognition and anomaly detection is not new by any means. Rather what is rapidly coming to market are platforms enabled with generative AI and automation that is self-learning, so that a threat is detected before it occurs rather than after the cyberattack. Rather than threat detection, the ultimate goal is threat prevention.
AI will not entirely replace security professionals anytime soon, but it can contribute to efficiency by automating threat detection, analyzing data sets, and by continuously learning to identify anomalies and new attacks before they occur. By offering agentless solutions, theoretically, fewer human agents will be needed. For new technologies, the adoption curve can be challenging (go ask virtual reality enthusiasts how that’s going). But for industries where AI can offer a value proposition that can predictably lower costs at a reasonable price, a market will form. We think one of the next markets to be disrupted by AI will be cybersecurity.
If you own cybersecurity stocks, or are looking to own cybersecurity stocks, we encourage you to attend our weekly premium webinars, held every Thursday at 5:00 pm EST. Next week, we will discuss a cybersecurity stock we recently entered and one that we are eyeing closely — what our targets are, where we plan to buy, as well as where we plan to take gains.
I/O Fund Equity analyst, Royston Roche, contributed to this analysis.