Are APAC organizations ready for the transformation – good or bad – that AI is bringing to their operations and cybersecurity postures?
Good to have. Bad to have. Yes, AI has been the talk of the town ever since generative AI caught the public’s attention.
However, for years now, a major part of cybersecurity has been ‘AI versus AI’.
Of course, AI leverages data in a big way – and data protection and privacy have been big issues, especially where regulatory compliance has become stringent and widespread across the APAC region.
What if you can leverage AI to enhance your cybersecurity efforts with faster detection, investigation and response, while allowing you to control how AI is applied to your data?
CybersecAsia sought the expert perspectives of Dr Min Wang, Chief Technology Officer, Products and Technology, Splunk, to find some answers.
What are some key AI trends that could significantly impact organizations in the APAC region?
Dr Wang: The rapid popularity of AI-related solutions reflects how eager businesses are in seeking an additional competitive edge, to offer greater value and digital experiences to their customers. One key trend we have seen is the increased focus on AI/ML-powered response automation driven by the growing importance of digital systems. In fact, findings from our State of Observability report show that 66% of organizations are already using AI/ML, while 26% are in the process of deploying.
Crucially, forward-looking organizations have started reaping benefits from their AI deployments. Over 30% of IT practitioners surveyed said that AIOps tools are”
1. better than legacy solutions at automatically determining the root cause of an issue
2. better at predicting potential problems before they turn into customer-impacting incidents
Every two in three organizations reported that the return on investment on their AIOps tools has exceeded expectations.
A note of caution for businesses, though, especially with organizations embedding AI/ML in their observability toolset. Organizations must use AI responsibly: we must ensure that our adoption of AI/ML remains authentic and avoid AIOps-washing.
What role does AI play in strengthening an enterprise’s digital resilience?
Dr Wang: Resilience starts with end-to-end visibility. Organizations need to be able to see across their entire tech stack and processes at scale, so that ITOps and security teams can detect, investigate and respond to problems faster.
AI brings an abundance of opportunities for SecOps, ITOps, and engineering teams. AI can help detect important events by automatically mining data to better surface key events and signals. It can provide context and situational awareness with intelligent event summarization and interpretation, and it can accelerate learning curves. At the same time, productivity and efficiency can drastically increase by freeing users from basic tasks and allowing them to focus on higher-value initiatives.
How have organizations in APAC leveraged Splunk’s AI/ML capabilities?
Dr Wang: We see more and more customers turning to AI/ML-powered response automation to support and accelerate their employees’ ability (and confidence) to make informed decisions and respond promptly to threats.
A great customer example would be The Bank of East Asia, Limited (BEA) – a leading Hong Kong-based and listed financial services group that operates more than 130 outlets globally. They had initially lacked full visibility into their distributed environment, with their global teams manually troubleshooting issues and each team siloed into running their own Security Information and Event Management (SIEM) solutions.
Working with Splunk to implement a centralized SIEM internationally with Splunk Cloud Platform, BEA now had a robust security automation solution to ease the burden on their staff and improve their agility. This helped strengthen the bank’s digital resilience as part of its fintech strategy to drive innovation.
Are APAC organizations prepared for the changes AI will bring? What are some implications and challenges they could potentially face?
Dr Wang: One key challenge brought about by the rapid growth of digitalization and society’s increasing reliance on technology is the shortage of tech talent across industries. Particularly in the field of cybersecurity, the demand for skilled talents and cybersecurity professionals remains high globally, and APAC is no exception.
To address this tech talent crunch, we see organizations accelerating their adoption of AI to plug their gaps in manpower with more efficient technology. Many of our customers seeking to increase their digital resilience are seeking unified solutions for observability and security that are integrated with AI, in order to drive greater automation to optimize response times, process efficiency, and faster time-to-value.
What are Splunk’s priorities for AI in the future?
We view AI as a definite opportunity – one that we have been working on before the current buzz. For example, we’ve long been working with our customers to maximize their use of AI/ML to enrich their observability tools, and shared with them our Machine Learning Toolkit, which has more than 200,000 downloads.
AI requires a contextually relevant rich dataset and Splunk’s highly scalable data architecture makes us well-positioned to continue delivering the solutions that today’s enterprises need. Our goal is to provide our customers with innovations that offer domain-specific security and observability insights to accelerate detection, investigation and response. Along with our transparent usage of AI, customers are able to remain in control of how AI uses their data.
We follow three key principles as part of our deliberate and thoughtful approach to AI:
- Domain- and Splunk-Specific: Our AI capabilities are personalized to be domain specific for security and observability use cases, and can be tightly integrated within organizations’ workflow.
- Human in the Loop: Splunk customers keep the world’s most important digital systems secure and performant. The stakes are very high. Thus, it is essential that AI assists and strengthens human decision making, but doesn’t replace it.
- Open and Extensible: As we plan to directly integrate more AI into the platform, we are committed to enabling customers and partners to extend our models or bring their own models in line with their policies and risk tolerance. These models can work with data in Splunk as well as data on other data stores, providing flexible solutions.
We have been embracing AI since 2015 and we continue to view AI as a catalyst to ultimately help organizations become more digitally resilient.