AI-driven insights transform security preparedness and recovery

In this Help Net Security interview, Arunava Bag, CTO at Digitate, discusses how organizations can recover digital operations after an incident, prioritize cybersecurity strategies, and secure digital operations with effective frameworks.

What measures should organizations take to recover digital operations after an incident?

IT security teams everywhere are struggling to meet the scale of actions required to ensure IT operational risk remediation from continually evolving threats. Recovering digital operations after an incident requires a proactive system of IT observability, intelligence, and automation. Organizations should first unify visibility across their IT environments, so they can quickly identify and respond to incidents.

Additionally, teams need to eliminate data silos to prevent monitoring overload and resolve issues. Leveraging AI-powered insights can help detect patterns, prioritize actions, and guide recovery efforts. Finally, automation plays a critical role in expediting remediation processes and preventing recurrence, making recovery faster and more reliable.

How can organizations prioritize their cybersecurity preparedness strategies? How can they involve cross-functional teams in preparing and executing these plans?

Organizations should take a strategic approach by consolidating tools and platforms to streamline security efforts and eliminate redundancies so they can best identify the areas of highest risk and impact. To make these strategies effective, cross-functional collaboration is crucial. IT teams, security specialists, and executive leaders must align priorities and implement proactive measures, such as self-learning algorithms and predictive analytics, to address threats before they materialize. A good security system also includes regular training and clear communication so that every team understands and can act on their role in securing the organization.

What frameworks or methodologies do you recommend for securing digital operations?

There are national frameworks like NIST or ISO 27001 that provide valuable guidelines for managing cybersecurity risks. Additionally, adopting a platform-centric approach consolidates capabilities and reduces complexity, enabling organizations to better manage risks in hybrid IT environments.

Given leaders are looking to increase the adoption of AI for stable and secure operations, and enable proactive operations, there are a few solutions to help create an explaining and secure system.

First, conduct a thorough audit of current processes, tools, and workflows to identify gaps and inefficiencies. Deploy observability solutions in stages, starting with a vertical view that connects applications with their underlying infrastructure, and then moving to a horizontal axis that focuses on business processes. Enable AI to generate insights and gradually introduce automation for first response actions, ensuring a smooth transition.

Setting realistic expectations is crucial; understanding that achieving full intelligent automation is a phased process that requires customization and collaboration.

For the most explainable AI operations, leaders should engage:

• Integration of white-box models: These are inherently more transparent and easier to understand, such as decision trees or linear regression, which clearly outline how decisions are made.
• Post-hoc explainability: For black-box models, post-hoc techniques are useful. These methods the model’s outputs and attempt to explain decisions after the fact, providing insights into the model’s behavior.
• Feature maps: Methods to visualize the features that are used by a neutral network.
• Ensemble of algorithms: Using a combination of different algorithm types to leverage the strengths of both white-box and black-box models, allowing a balance of explainability and accuracy.
• User-friendly evidence generation: Developing systems that generate easy-to-understand textual and visual representations of AI-driven insights.

How can IT leaders foster a culture of security awareness among employees and stakeholders?

Unfortunately, many companies still lack the foundational elements needed for successful and secure AI adoption. Common challenges include fragmented or low-quality data disperse in multiple silos, lack of coordination, a shortage of specialized talent like data and AI engineers, and the company own culture resistant to change.

Fostering a culture of security awareness starts with making security a visible and integral part of everyday operations. IT leaders should focus on equipping employees with actionable insights through tools that simplify complex security issues.

Training programs, tailored to different roles, help ensure that teams understand specific threats relevant to their responsibilities. Providing real-time feedback, such as simulated scenarios, builds practical awareness. It’s equally important to align security initiatives with broader goals, like improving operational resilience or supporting sustainability, to create a shared sense of purpose at the organization.

What emerging trends or technologies do you believe will shape the future of securing digital operations?

The ability to analyze vast datasets, detect patterns, and predict potential issues is paramount to creating a system of AI operations. AIOps enhances system availability and performance by minimizing downtime and accelerating issue resolution. This not only improves overall customer experience but also allows IT teams to focus on more strategic tasks. The transition from reactive monitoring to proactive IT management positions businesses to be more resilient and agile, aligning IT operations closely with business objectives, securely and efficiently.