Beyond human limits: GenAI in cybersecurity

Cybersecurity is one of the primary initial applications of GenAI, with 72% of early adopter organizations surveyed by Omdia having either implemented or are currently trialing the technology for this purpose. Early use cases have focused on three main areas:

• Threat detection and prevention: identifying anomalies in network traffic and user behavior that indicate a cyberattack and fraud prevention by analyzing emails and other content for suspicious language and context. Attack simulation, vulnerability management and automating risk assessments are other examples.
• Incident response: creating concise summaries to support decision-making. This includes analyzing threat intelligence data to identify the seriousness of existing and emerging threats, as well as vulnerabilities and incident data to identify root causes to help develop mitigation strategies.
• SOC analyst enablement: automating routine, repetitive and time-consuming tasks, such as threat intelligence gathering. Adaptive training to address skills gaps in individuals and build expertise via interactive learning with different attack simulations. Augment existing capabilities to support decision-making.

However, despite its potential to accelerate the maturity and resilience of organizations’ cybersecurity, GenAI presents new challenges and risks that need to be assessed before adoption becomes more widespread, particularly in regulated sectors. Understanding the diversity of the training data and the reliability and accuracy of the AI outputs are critical to build trust. Transparency in algorithms and ensuring data privacy are equally important, as well as adherence to regulations and industry standards. Systematic auditing and continuous monitoring are essential. New skills are needed to integrate and optimize GenAI tools, but technical and operational in-house resources are currently lacking in many organizations. Securing the models themselves and assessing the new vectors for breaches they cause are also essential. This has received little attention so far, as organizations press ahead with deployments.

All of these issues must be addressed before projects move from proof of concept to the production stage. In a Candefero survey earlier in March 2024, only 26% of channel partners and respondents are seeing most or all of their customers’ GenAI proof of concept projects moving to production. The good news for partners is that GenAI projects typically have separate budgets set to grow. The respondents of Omdia’s GenAI Enterprise Survey of Early Adopters, published in May 2024, had annual budgets of an average of US$2.0 million for GenAI, which is expected to rise 29% in 2025 to US$2.6 million. This highlights not only the satisfaction with initial results, which met or exceeded expectations, but also confidence in the potential of the technology to transform cybersecurity and other areas, including employee productivity, external customer support, and personalized marketing, to name just a few.

Operationalizing GenAI represents another inflection point in cybersecurity and an area for partners to assess the capabilities of their platform vendor. It is arguably the most strategic technology for the next decade, creating both opportunities and risks. This will be discussed in the “Beyond human limits: GenAI in cybersecurity” Expert Hub at the upcoming Canalys Forums 2024, with a panel of vendors and top channel partners. Key themes and questions covered during the sessions at the events will include the following:  

• Current state and future trends: what are the current use cases for GenAI in cybersecurity? Which ones are gaining traction within organizations? Which ones will have the greatest impact? How will it evolve over the next five years?
• Operationalization and monetization: how will GenAI address the issue of skill shortages? How can partners use it to upskill talent? How can partners evaluate offerings from different vendors? Where should partners start in terms of operationalizing it in cybersecurity? How can partners monetize it?
• Challenges and limitations: what are the primary challenges and limitations of using GenAI in cybersecurity? How can we ensure solutions are robust against adversarial attacks? What are the data privacy and security considerations in using it for cybersecurity?
• Ethical considerations: given the potential for bias, misinformation and adversarial attacks, how can we build trust in GenAI for cybersecurity? What are the ethical concerns associated with its use?

The Canalys Forums 2024 events will feature leading channel-focused vendors, their partners and the industry-leading Canalys team. These events will provide partners with the opportunity to learn more about the latest trends and address how they can swiftly adapt to meet the changing needs of their customers. Be sure to register to ensure you can be among them. If you are a channel partner keen to learn about opportunities in AI and cybersecurity, we encourage you to register for Canalys Forums 2024.

EMEA: 8-10 October, Berlin, Germany
NORTH AMERICA: 22-24 October, Miami, Florida
APAC: 3-5 December, Bali, Indonesia