The art of AI from deployment to defence

The rise of generative AI in 2022 sparked huge excitement and just as many questions. While early experiments produced entertaining memes and questionable code, behind the scenes, boardrooms were debating something far more serious: how to use AI responsibly and effectively in real organisations. New DXC research shows this urgency is real – 77% of leaders say AI is now a board-level priority, yet 65% struggle to build a clear enterprise business case, and 94% face significant challenges deploying AI at scale. This highlights a clear execution gap that businesses face.

 

A sound AI strategy for the enterprise

There is a significant difference between individuals making use of an AI for personal productivity in the workplace and organisations deploying it at scale consistently across teams and departments. One of the key data points from AI project failures was that it didn’t integrate with existing business workflows. Focusing on the technology and not the business problem is like having an answer to an unknown question. Maybe that question happens to be the right one for an organisation to ask, though in many cases, it wasn’t. Ultimately, misalignment doesn’t just lead to inefficiencies; it undermines the entire initiative.

 

Organisations can realise the most value and more quickly if they know where the opportunities to improve today’s work are. From getting deeper insights through the combination of unique data and simplifying processes, to scaling repeatable tasks faster with agentic AI. Those are the questions to ask within the specific context of an organisation.

 

When the problem guides the strategy, an organisation can clarify the expected outcomes AI is supposed to deliver. There is a huge expectation that AI will reduce costs, for example. In some cases, this might be true, but in others, it may enable greater consistency in outcome. These material expectations further guide the selection of the right AI tools, who will be responsible for them, and help to remove any other number of question marks that might litter the path to a successful deployment.

 

When AI met cyber-security

One clear problem, especially after cyber-security awareness, is that while the skills gap remains an issue, it’s clear that finding the right talent is only one part of the equation. Having the budget to build and scale a team is also an issue. DXC research found that 47% of cyber-security experts cited challenges in building the business case for more budget as a significant issue, which increased to 69% when focused on cost-sensitive sectors like travel, logistics, and the government.

 

The mix of talent and budget is a clear business challenge, since cyber-security is not the type of area where “close enough” means “good enough.” In the security operations centre (SOC), the challenge is particularly pronounced. An endless stream of alerts that could either be nothing or the next big breach is sorted through by a limited number of analysts available to investigate.

 

In other words, there is a lot of potential for AI in the SOC. An agentic SOC, for instance, can use AI agents to handle all the repetitive tasks involved with alert ingestion, investigation, and remediation. What really requires attention makes its way to the analyst. We’ve found that a company could save 30 minutes to 2.5 hours per investigation, while achieving a 95% to 99% reduction in analyst tickets. 

 

An agentic SOC won’t be the right answer for everyone. But when a company’s new security analysts were struggling to find the right talent and to handle the growing number of tickets, how to scale the talent available was a clarifying question. A question that led to an innovation like the agentic SOC.

 

Defend against AI-driven risk externally

The second step in ensuring AI meets expectations is for an organisation to ensure new weaknesses haven’t been introduced into the system. Conventional attacks like phishing, further enabled by AI, will continue to accelerate, with one respondent in DXC research mentioning a 76% increase from one month to the next that they attributed to the weaponisation of AI. What’s new are threats like prompt injection or data poisoning. The well-intentioned use of AI tools has the potential to become a door to extracting sensitive data.

 

Mitigating the impact of these risks will require a stronger defence of identity. Today, 85% of attacks and breaches are associated with identity and verification. While traditional approaches to zero trust will mitigate some of these risks, they need to be scaled and enhanced to enable organisations to safely deploy and use AI.

 

Focus on today

AI’s promise is real, but only if organisations take the effort to clearly ask what AI can do for them and make sure modern defences are in place to protect its use. The organisations that succeed aren’t at the bleeding edge or have the most advanced models. They’re asking the right questions, designing for their people and workflows, and remaining vigilant. In the end, AI meets expectations when it’s not chasing the future but used in places where its benefits are known and can make the most difference. 

 

---

 

Dave Spence is Cyber-security Leader at DXC UKI

 

Main image courtesy of iStockPhoto.com and Parradee Kietsirikul