Artificial intelligence remains one of the most disruptive technologies ever developed.
In the cybersecurity space, it’s paved the way for new threat detection, management and mitigation strategies. Organizations can now protect themselves with technology akin to a self-learning digital immune system, capable of analyzing network traffic and user behavior to identify zero-day threats. Unfortunately, as with any technological advancement, AI is a double-edged sword.
Just as it’s been added to the arsenal of security practitioners, so too has it become a weapon for threat actors. It’s a song and dance with which anyone participating in the security market is now intimately familiar. The history of cybersecurity can ultimately be boiled down to a never-ending arms race between cyber criminals and the people who’ve built a career out of stopping them.
It’s crucial that investors understand this dynamic and how it impacts the larger cybersecurity market — particularly for small- and mid-sized businesses, which still remain underserved and therefore represent an enormous opportunity.
Climate of continual risk
To say that digital crime is booming would be an understatement. Threat actors are more organized and sophisticated than they’ve ever been, with some groups even leveraging the cloud to support cybercrime-as-a-service offerings. And as we continue to bring more systems and infrastructure online, it’s only going to get worse; it’s predicted that by 2025, cybercriminals will cost the world roughly US$10.5 trillion per annum.
In addition to being smarter, adversaries are also considerably more numerous. A security practitioner may be fending off one hacker only to have 10 take their place. This comes at a considerable cost, with ransomware attacks now carrying an average price tag of roughly US$4.5 million.
The transition towards hybrid and distributed work over the past several years has also opened up new vulnerabilities for cybercriminals to exploit. The traditional security perimeter is gone, dissolved into an ecosystem of vendors, suppliers and remote personnel. Every node in this ecosystem is a potential access point, every entity a potential vulnerability.
In response, many organizations have focused extensively on technical cybersecurity. They have deployed sophisticated protective software solutions, embracing principles like ‘zero trust’ and ‘least privilege’ as they create extensive security checks and balances around their most sensitive assets.
These measures, however, are only as strong as their weakest link: humans.
Everyone, no matter how experienced, is ultimately fallible. Threat actors know this. They don’t need to expend time and effort to crack a business’s security — they can just wait for someone to slip up and let them in.
All this would be challenging to manage even if every organization had a fully staffed cybersecurity team, but they don’t. There simply aren’t enough experienced security practitioners to go around. According to Cybersecurity Ventures, unfilled cybersecurity jobs increased by 350 percent between 2013 and 2021 to a total of 3.5 million, and has remained at that level in 2023.
Consequently, full-time security practitioners operate on high premiums, often only affordable to larger organizations. This has consequently caused a sharp upturn in managed cybersecurity services — third-party expertise is fast becoming the best way to deal with today’s sophisticated threats.
Unfortunately, most managed service providers focus primarily on larger organizations. Despite the fact that they are among the most vulnerable to attacks, small- and mid-sized enterprises aren’t large enough to catch the attention of managed service providers, resulting in a significantly underserved segment of the cybersecurity market.
Large enterprises can afford highly sophisticated security solutions and full-time practitioners. About 47 percent of small businesses, on the other hand, don’t even have a dedicated cybersecurity budget. The fact that many of these smaller organizations are often vendors or partners for large businesses presents a lucrative opportunity for cybercriminals as threat actors could use small businesses as a point of entry for a larger target.
Small businesses are more frequently targeted by cyberattacks than their larger peers. They’re also more heavily impacted by these attacks, with roughly 60 percent ceasing to exist within six months of being targeted. These organizations can no longer afford not to prioritize security.
Keys to effective cyber security
While every security vendor has its own unique selling points and brand identity, effective cybersecurity ultimately boils down to six elements.
Threat detection. Detecting and identifying potential threats on a network can take many forms, including user entity behavior analysis (UEBA) and endpoint detection and response. This is in many ways the foundation of every other component – should you lack visibility into your ecosystem, nothing else matters.Policies and Process. Technical controls alone are not enough. Security tools must also account for the human side of the equation and make it easy to enforce policy without impeding workflows. This includes cybersecurity awareness training and analytics functionality to help organizations better shape employee education.Industry focus. Each sector has its own unique security challenges and faces its own set of threats. A vendor must understand these aspects and tailor its portfolio accordingly.Flexibility and scalability. The cybersecurity landscape is as mercurial as it is immense. A tool that cannot evolve with the emergence of new trends and grow alongside a business is of little use.Proactive prevention. While it’s important to have a solution that allows you to respond to threats in real-time, it’s far better to prevent those threats from becoming an issue in the first place. Vulnerability management and risk management are therefore non-negotiable here.Integrated solution. The previous strategy of deploying a different point solution for each new threat is unsustainable in today’s market. It results in a bloated, unmanageable security stack that ultimately creates more problems than it solves.
AI arms race
Artificial intelligence has fundamentally disrupted the cybersecurity space. It allows security practitioners to automate monitoring and data gathering, provide more personalized security training, analyze massive threat intelligence data sets, and mitigate certain threats and attacks without human intervention. It’s not only more cost-effective than manual cybersecurity, but also enables better decision-making and reduces the chance of human error.
The applications of this technology are immense.
Authentication and access control.Organizations can leverage AI-based solutions such as fingerprint sensors, behavioral analytics and facial recognition to provide additional layers of authentication and enable a gradual shift towards password-less security.Social engineering protection.No matter how sophisticated an organization makes its security, humans will remain the weakest link. Artificial intelligence allows a business to shore up the human side of the equation, automatically detecting and shutting down phishing attacks and leveraging features like UEBA to flag accounts that may have been compromised.Vulnerability management.AI-driven security allows businesses to keep up with the endless tide of new threats, risks and vulnerabilities. Many solutions are capable of detecting and remediating even zero-day vulnerabilities.Network security.Network management and policy enforcement are now incredibly complex and time-consuming. Through AI, these tasks can be largely automated, freeing up considerable time for security personnel and allowing them to focus on other factors.
Cybersecurity investment landscape
Today, many of the leading cybersecurity vendors have pivoted to incorporate AI into their software portfolios. BlackBerry (NYSE:BB,TSX:BB) is arguably among the first of these organizations through its acquisition of Cylance. This has provided the company with one of the most advanced cybersecurity AI platforms on the market.
While BlackBerry primarily targets larger organizations, Fortinet (NASDAQ:FTNT) is more focused on mid-sized businesses. The company’s automated cybersecurity services provide centralized, advanced threat detection and response capabilities that encompass the entire cyber kill chain. The company also offers an AI-driven security operations center.
Cisco (NASDAQ:CSCO), a longtime leader in enterprise technology and services, has similarly begun pursuing AI-driven cybersecurity, most recently through its acquisition of cybersecurity firm Splunk in September. Cisco had already been exploring the use of artificial intelligence in its other lines of business. Currently, it offers a multitude of tools including AI transcription and a generative AI policy assistant, which it ultimately hopes to make part of a unified cloud security platform.
All three of the organizations described above are titans of the cybersecurity sector. All three are also leading innovators in the use of artificial intelligence. Unfortunately, all three alsowork primarily with larger organizations, often meaning small- and mid-sized businesses are less well protected.
Recently launched on the Canadian Securities Exchange, Integrated Cyber Solutions (CSE:ICS) is one cybersecurity company with a particular focus on the underserved and high-potential cybersecurity market of small- and medium-sized enterprises and businesses. Its AI-driven IC360 platform consolidates its product portfolio into a powerful command center that provides those businesses with the level of protection often reserved for large corporations. Backed by experienced leadership, a comprehensive suite of solutions and a clearly defined growth strategy, Integrated Cyber brings together best-in-class capabilities from multiple third-party providers, allowing it to evolve alongside the needs of its customers.
The cybersecurity market is more complex than ever before, particularly with the proliferation of artificial intelligence. The solutions enabled by this new technology and the vendors that distribute it together represent a considerable opportunity, one which investors would do well to understand.
The information contained here is for information purposes only and is not to be construed as an offer or solicitation for the sale or purchase of securities. Readers should conduct their own research for all information publicly available concerning the company. Prior to making any investment decision, it is recommended that readers consult directly with Integrated Cyber Solutions and seek advice from a qualified investment advisor.