Accelerated path to Artificial Intelligence integration for enhanced cognitive cybersecurity

  • Publication
  • May 19, 2024

Strategic partnerships and AI integration can set the stage for building the cybersecurity function of the future.

In today’s digital landscape, companies, especially newer ones, face an urgent need to swiftly develop their cybersecurity capabilities to counteract increasingly sophisticated cyber threats. However, they often encounter obstacles such as resource scarcity within their cybersecurity departments, which impedes their ability to strengthen defences promptly.

As cyber attackers continue to evolve and harness advanced techniques, including AI and emerging technologies, the disparity between defensive capabilities and threat sophistication broadens. This leaves organisations exposed to potentially devastating breaches.

To effectively navigate these challenges, the optimal strategy involves leveraging partnerships and alliances. These strategic collaborations not only accelerate the development of cybersecurity capabilities but also mitigate resource shortages. By partnering with trusted allies, companies can bolster their defensive posture while freeing up internal teams to concentrate on innovation and the integration of cutting-edge technologies.

In essence, the white paper will explore how companies can hasten their journey to cybersecurity maturity by embracing collaborative approaches, thus empowering them to defend against complex threats while remaining at the cutting edge of technological innovation.

The challenge for cybersecurity teams to handle emerging threats

Cybersecurity is a relatively new domain that hasn't been around for as long as other traditional fields, such as medicine or engineering. Hence, it hasn't had the same level of resources and support that other fields have benefited from over the years. Despite this, significant technological advancements and increased reliance on digital components in recent decades have greatly widened the threat surface, which ultimately created a high demand for cybersecurity professionals.

The scarcity of highly skilled cybersecurity resources has made it difficult for leadership within organisations to find and maintain such resources and ensure they continuously increase their skills and competencies to match the increasingly advanced techniques and tactics of adversaries.

The use of emerging technologies, such as Artificial Intelligence (AI) and Quantum Computing, is introducing newer attack vectors now and in the near future, which requires cybersecurity professionals to consistently upgrade their abilities to keep pace with the latest threats.

With the rapid involvement of emerging technologies, reliance on Operational Technologies (OT) and the increased use of the Internet of Things (IoT), along with the changes in the business environment, the identification of the most valuable assets (i.e. Crown Jewels) becomes a challenge due to the lack of communication between the departments and the cybersecurity function. This challenge is further magnified by the presence of shadow IT practices within many departments, where departments independently procure and manage technology solutions without the involvement or oversight of the IT or cybersecurity teams and often neglect to implement essential cybersecurity controls in these environments.

Time is another critical factor in cybersecurity. It can significantly affect the outcome of efforts to mitigate cybersecurity threats before, during, and after an attack. For instance, the failure to patch a vulnerability early on, delay in detecting an attack, or slow recovery after a cyber-attack can cost organisations a significant amount of money, damage their reputation, and/or erode customers' trust.

Assuming that cybersecurity functions are able to find and retain the right resources, while having the right procedures in place to swiftly respond to cyber-attacks, they need to be able to cope with infrastructure and digital expansion. The expansive nature and intricacy of digital landscapes add more responsibilities to the cybersecurity functions. Almost all organisations now have a website, many have their own mobile applications, a few have already established their presence on the metaverse and some are even developing their AI models. While such advancements help organisations improve the lives of their customers, they also attract the attention of malicious actors.

Awareness of the cybersecurity risks by the Board of Directors enables them to understand the potential cyber threats and their impacts. Without such awareness, the cybersecurity department may not receive the required focus and investments to overcome unforeseen cyber events.

All these challenges will not only impose high demand on the cybersecurity function but will also require other organisation departments to expect clearly communicated Service Level Agreements (SLAs) that are achievable by the cybersecurity function.

How can cybersecurity functions take control?

To address the cybersecurity challenges organisations are facing in terms of resource constraints, cybersecurity capabilities, or recovering from cyber incidents, the first imperative step is raising awareness of the problem and understanding its root cause. This shouldn’t be confined to the cybersecurity function alone; it needs to be effectively communicated and discussed with organisational leadership. Cybersecurity functions also need to quickly understand and prioritise the different areas where the organisation can be more valuable, taking into account the intersection between the organisation’s top valued assets and its weakest cybersecurity controls, whether technical or administrative.

Considering the resource, time and technology expansiveness challenges, cybersecurity functions would need to have great alliances and partners to help them establish the basic capabilities as a priority, while they work on strategically improving their overall cybersecurity posture. The establishment of such capabilities should be done hand-in-hand with the participation of existing organisation resources to ensure they quickly absorb the needed expertise from partners and alliances.

As organisations implement basic cybersecurity capabilities, the involvement of their cybersecurity resources should gradually increase. By participating in the establishment phase, they will be in an excellent position to maintain it, while also improving on their capabilities by learning how to tackle daily challenges. In the meantime, cybersecurity functions would need to continue filling the gaps and adding more qualified cybersecurity resources to their teams, in alignment with organisational demand for cybersecurity services and their existing cybersecurity resource capacity and capabilities. This approach will allow for a smooth transition to a more stable and permanent cybersecurity capability that brings the best of both worlds: external expertise and perspectives blending into internal understanding of organisational needs and context.

AI for cyber defence: Is it still too early or a much-needed tool?

Artificial intelligence is becoming more and more integrated into our daily lives and the field of cybersecurity is no exception, as AI is being used in a variety of ways - from malware detection to network protection and behavior analysis tools. In the following paragraphs, we will explore some specific examples of how AI can help address the challenges we are discussing in this whitepaper.

The introduction of cognitive technology has the potential to dramatically improve the Governance, Risk, and Compliance (GRC) activities by streamlining the review and update of key cybersecurity artifacts such as policies, procedures, and architecture designs. This not only enhances efficiency but also enables organisations to maintain regulatory compliance seamlessly with fewer resources.

Another key aspect of cognitive cybersecurity lies in transforming the Security Operations Center (SOC) functionality. The SOC team, armed with advanced cognitive capabilities, would be capable of identifying and responding to cybersecurity threats more efficiently. By combining the expertise of human analysts with AI technologies, decision-making can be accelerated, which is crucial in a landscape where timely and effective threat mitigation is paramount. This dynamic integration can break the time constraints that organisations often struggle with, ensuring swift responses to emerging threats.

The use of AI in the continuous review of cybersecurity can provide great advantages in monitoring and maintaining continuous visibility into the IT landscape. By leveraging AI, the review teams can also proactively monitor and identify the possibility of new vulnerabilities being introduced when scaling IT and digital infrastructure. This proactive stance, coupled with an intelligent approach, can help cybersecurity functions to be better prepared against the increasingly sophisticated AI-powered attacks.

We will continue to see AI and cognitive technology being applied in more cybersecurity scenarios. This presents an opportunity for Chief Information Security Officers (CISOs) to prepare and build the right AI capabilities that can help efficiently manage the growing demand for cybersecurity services. A chargeback model can also be implemented to enable business functions to leverage the services and service packaging provided by the cybersecurity function. This would ensure an optimised utilisation of limited cybersecurity resources, addressing the persistent scarcity of qualified professionals proficient in countering evolving threats.

What does it take to build such AI models for cybersecurity?

Crafting a resilient cognitive cybersecurity model requires a systematic and meticulous approach to meeting several critical requirements. At the beginning, organisations must articulate the model's objectives, establishing overarching goals that guide its implementation. This sets the stage for aligning the cognitive model with specific cybersecurity needs and strategic priorities of the organisation. Precision is key in presenting key data, as this enhances the ability to detect threats and provides the bedrock for leveraging AI capabilities.

Selecting an optimal cognitive model is pivotal, necessitating the consideration of cybersecurity goals and the evolving threat landscape. Incorporating AI technologies is critical, as it enables the model to learn and adapt to emerging cyber risks continuously. This integration of cutting-edge technologies and cybersecurity objectives demonstrates "Security By Design," as intelligence-driven security measures are woven intricately into the organisational ecosystem.

Continuously refining the model through the integration of internal and external data sources is a dynamic process. This holistic approach empowers the cognitive model to comprehend the nuances of the ever-evolving threat landscape, fostering adaptability and resilience. An intuitive model interface and user experience are essential, enabling cybersecurity professionals to interact seamlessly with insights, thereby enhancing team efficiency and effectiveness.

Moreover, the cyber team must identify a service catalogue, analyse demand, and fortify the model to efficiently manage demand, thereby improving its maturity. The rapid building and operation of capabilities are crucial elements for meeting the ever-changing cybersecurity landscape. In this context, a managed service model plays a pivotal role in efficiently handling high-demand scenarios. Finally, clearly defined Service Level Agreements (SLAs) ensure accountability, reliability, and transparency in delivering cybersecurity services. 

By embracing these critical requirements, integrating new technologies, and adhering to "Security By Design" principles, organisations pave the way for a cognitive cybersecurity model that not only addresses contemporary challenges but also anticipates and swiftly adapts to the evolving landscape, efficiently managing high-demand situations.

Conclusion: Pioneering a new era with integrated cognitive cybersecurity

As highlighted in PwC Middle East GenAI Spotlight, despite the challenge of GenAI, respondents were confident about GenAI's potential to strengthen cybersecurity measures. Large language models can be powerful tools to detect cyber threats and simplify complex data and security engineering processes. A staggering 83% of Middle East respondents (including 92% in the UAE and 87% in the KSA) said their organisation would deploy GenAI tools for cyber defence within the next 12 months, compared to 69% globally. Similarly, 34% of regional respondents (33% in KSA and 45% in the UAE), almost the same number as global, agreed that their organisation understood cyber risks associated with GenAI, and included them in their risk management plan, continually updating it. Around 28% said their organisations monitored GenAI risks, almost the same as the global average. So although it could take some time before we see broad-scale use of GenAI in cyber defence, the three most promising areas, for now, include threat detection and analysis, cyber risk and incident reporting and adaptive controls.

In navigating the complex cybersecurity landscape, marked by rapid technological advancements and a scarcity of skilled professionals, organisations are urged to prioritise establishing foundational security measures through strategic partnerships and alliances. This critical first step ensures a robust baseline defence, setting the stage for the seamless integration of advanced technologies like AI and cognitive tools. Such partnerships not only bolster immediate security needs but also equip organisations with the flexibility to evolve, embracing AI-enhanced capabilities on a secure and optimised platform. This approach enables a strategic, phased advancement in cybersecurity posture, preparing organisations to meet future threats head-on with a blend of foundational strength and innovative technology.


Contact us

Walid El Sayed

Partner & Egypt Consulting Leader, PwC Middle East

+20 (02) 275 7700 (ext. 5392)


Salam Shouman

Partner - Cybersecurity, PwC Middle East


Haitham Al-Jowhari

Partner, Cybersecurity, PwC Middle East


Mohammed Saty

Senior Manager, Consulting Technology - Cybersecurity, Riyadh, PwC Middle East


Sanad Al-Alam

Manager, Data Privacy & Cybersecurity, PwC Middle East
