Light Dark
July 7, 2017 By Cathal O'Donovan 2 min read
Artificial Intelligence

Picture this: You are the leader of a security operations center (SOC) and yet another major ransomware attack is making headlines. Within minutes of the news breaking, you receive questions about your company’s exposure to this ransomware. You’ve implemented your incident response plan and you’ve woken your team members from their beds.

Your team is overwhelmed, working tirelessly to analyze the fallout from WannaCry, Petya and other recent high-profile attacks. You’ve also been dealing with compliance audits, investigating insider threats, moving between data centers and bringing staff members up to speed — all essential activities for any security team leader.

Closing the Skills Gap With Cognitive Security

Cognitive security tools can help analysts juggle these responsibilities. New tools are reaching the market at an increasing rate, some of which are already integrated with your current security information and event management (SIEM) system and SOC infrastructure. The SOC has been generating huge amounts of data for various initiatives, such as compliance efforts, performance data and more. It also generates lots of noise and false positives. Meanwhile, the new analysts you’ve hired are struggling to come up to speed, and your established rock stars are busy fighting fires.

SOC team leaders need reliable solutions to help them cope with this skills gap. It’s time to invest in cognitive tools to ring-fence the firefighters and tune the system to reduce false positives. When determining which solutions to invest in, look for products that are simple, efficient and compatible with existing infrastructure. It’s also worth considering whether these tools can be tested at a responsible speed.

Augmenting Human Intelligence With Automated Insights

There are solutions that deliver on all these features and more. The centerpiece of IBM’s new Cognitive SOC is QRadar Advisor with Watson. It combines IBM QRadar, the industry’s leading security analytics platform, with the cognitive capabilities of Watson for Cyber Security to automatically investigate and qualify security incidents. It also integrates with most SIEM tools using a wizard-based solution. Most importantly, it enables analysts to stop fighting fires and focus on strategies to proactively protect the network from ransomware and other threats.

The cybersecurity skills gap is no match for Watson. Cognitive security augments those inexperienced new hires by uncovering hidden threats and automating insights. With this collective knowledge at their fingertips, your analysts can respond to threats with unprecedented speed and accuracy, and your rock stars have more time to improve your platform — and maybe get some much-needed shut-eye.

 |  |  |  |  |  |  | 
Cathal O'Donovan
DevOps Manager, IBM

More from Artificial Intelligence
January 29, 2025

AI and cloud vulnerabilities aren’t the only threats facing CISOs today

6 min read - With cloud infrastructure and, more recently, artificial intelligence (AI) systems becoming prime targets for attackers, security leaders are laser-focused on defending these high-profile areas. They’re right to do so, too, as cyber criminals turn to new and emerging technologies to launch and scale ever more sophisticated attacks.However, this heightened attention to emerging threats makes it easy to overlook traditional attack vectors, such as human-driven social engineering and vulnerabilities in physical security.As adversaries exploit an ever-wider range of potential entry points…

January 24, 2025

Are successful deepfake scams more common than we realize?

4 min read - Many times a day worldwide, a boss asks one of their team members to perform a task during a video call. But is the person assigning tasks actually who they say they are? Or is it a deepfake? Instead of blindly following orders, employees must now ask themselves if they are becoming a victims of fraud.Earlier this year, a finance worker found themselves talking on a video meeting with someone who looked and sounded just like their CFO. After the…

January 17, 2025

How to calculate your AI-powered cybersecurity’s ROI

4 min read - Imagine this scenario: A sophisticated, malicious phishing campaign targets a large financial institution. The attackers use emails generated by artificial intelligence (AI) that closely mimic the company's internal communications. The emails contain malicious links designed to steal employee credentials, which the attackers could use to gain access to company assets and data for unknown purposes.The organization's AI-powered cybersecurity solution, which continuously monitors network traffic and user behavior, detects several anomalies associated with the attack, blocks access to the suspicious domains…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature