By Wallace Witkowski, MarketWatch
If you’re going to the play the “AI” drinking game at RSA Conference 2019, you may not make it out alive.
Ahead of the industry’s largest trade show in San Francisco, vendors are already touting AI-based solutions meant to address one of the industry’s most pressing issues: a scarcity of workers qualified to defend against cyberattacks. Over the past week, both Palo Alto Networks Inc. /zigman2/quotes/207599953/composite PANW -0.77% and Microsoft Corp. /zigman2/quotes/207732364/composite MSFT -1.63% announced new AI-branded services to address an often-cited lack of cybersecurity workers qualified to keep on top of an exponentially growing number of cyberattacks.
In a report released Thursday, however, Cisco Systems Inc. /zigman2/quotes/209509471/composite CSCO -0.68% said that the industry may actually be cooling to AI-powered cybersecurity. In a survey of more than 3,000 security experts, two-thirds said they would rely upon AI, down from the 74% who said they would in 2018.
Cisco found that chief information security officers, also known as CISOs, “are increasingly confident that migrating to the cloud will improve protection efforts, while apparently decreasing reliance on less proven technologies such as artificial intelligence.”
“AI and machine learning, used right, are essential to the initial stages of alert prioritization and management,” the Cisco report said. “However, reliance on these technologies has decreased as respondents possibly perceive the tools to be still in their infancy or not ready for prime time.”
But cybersecurity firms may have little choice to go after AI solutions as they struggle to find qualified workers who can develop products or respond to threats. When Microsoft announced its Azure Sentinel offering this week, Ann Johnson, who heads Microsoft’s cybersecurity solutions group, said in a blog post that the AI security product is meant to address an projected shortage of about 3.5 million qualified cybersecurity workers by 2022, citing an estimate from research firm Cybersecurity Ventures.
Microsoft touted its Azure Sentinel product as the first native security information and event management, or SIEM, tool within a major cloud platform. Johnson said early adopters of Azure Sentinel have reported an up to 90% reduction of alert fatigue, where already stressed cybersecurity workers find themselves chasing what prove to be false alarms, and that threat hunting times which used to take hours have been reduced to seconds.
Microsoft unveiled Sentinel just two days after Palo Alto Networks discussed its own new offering, the Cortex security product, which Palo Alto Networks touted as “the industry’s only open and integrated, AI-based continuous security platform.” That was announced late Tuesday in conjunction with a huge earnings beat and outlook from Palo Alto Networks.
In addressing the use of automation to mitigate the growing number of cyberattacks amid personnel shortages, Palo Alto Chairman and Chief Executive Nikesh Arora said Tuesday that his customers report they get three to 10 times as many cybersecurity alerts than they were five years ago, and that they have to hire more people to analyze the alerts.
Expect to hear about a lot more AI-assisted solutions emanating from the weeklong RSA Conference 2019 in San Francisco, which starts Monday. Besides AI, companies are likely to focus on the need for consolidation in the industry, as well as details on what types of attacks are becoming more prevalent.
Consolidation in the industry, or having to use fewer vendors, a much talked-about issue at last year’s RSA, appears to be gaining even more desirability. Cisco’s report noted that 63% of responding CISOs said they had whittled down the number of vendors they deal with to 10 or less, compared with 54% in 2017, according to Cisco.
Both Cisco and Palo Alto Networks are helping out that consolidation trend. Last year, Cisco acquired Duo for $2.35 billion, and Palo Alto Networks acquired such companies as Evident.io and RedLock and most recently its announced it was acquiring Demisto for $560 million.
While not mentioning AI, Symantec Corp. /zigman2/quotes/200957356/composite SYMC -2.00% announced on Thursday it was updating its Integrated Cyber Defense platform “to drive down the cost and complexity of cybersecurity.”
In other reports coming out ahead of RSA, Trend Micro Inc. /zigman2/quotes/206023532/delayed JP:4704 +1.14% said on Tuesday that “attacks that capitalize on the human desire to respond to urgent requests from authority” are skyrocketing, and that business email phishing attempts are up 269% compared with 2017.
In another, Moody’s Investors Service said four sectors with $11.7 trillion in rated debt are at a high risk of getting hacked or harmed by cyberattacks. Sectors named included banks, securities firms, market infrastructure providers and hospitals.
“New technologies and a lack of skilled cybersecurity workers contribute to risks,” Moody’s said. “In response to rising attacker capabilities, organizations world-wide need to continually raise their baseline security to avoid becoming unintentional collateral damage of attacks and easy targets of less-sophisticated hackers.”
Since cybersecurity earnings started rolling in for the season, kicked off by Juniper Networks Inc.’s /zigman2/quotes/207361368/composite JNPR -0.38% disappointing earnings back in late January, the ETFMG Prime Cyber Security ETF /zigman2/quotes/207892345/composite HACK -1.24% has risen about 11% and the First Trust Nasdaq Cybersecurity /zigman2/quotes/200078153/composite CIBR -1.58% has gained more than 12%, compared with a 6% advance in the S&P 500 index /zigman2/quotes/210599714/realtime SPX -0.39% and an 8% gain in the tech-heavy Nasdaq Composite Index /zigman2/quotes/210598365/realtime COMP -0.83% .
Those earnings were followed up with back-to-back strong results from Symantec and Proofpoint Inc. /zigman2/quotes/207816916/composite PFPT -3.83% along with earnings beats from Fortinet Inc. /zigman2/quotes/205733290/composite FTNT -2.98% , Rapid7 Inc. /zigman2/quotes/203905856/composite RPD -5.92% , ForeScout Technologies Inc. /zigman2/quotes/205654246/composite FSCT -2.83% , Mimecast Ltd. /zigman2/quotes/202578603/composite MIME -1.26% , OneSpan Inc. /zigman2/quotes/201429622/composite OSPN -1.11% , and Cisco. Earnings from FireEye Inc. /zigman2/quotes/204730283/composite FEYE +0.83% , Qualys Inc. /zigman2/quotes/201504669/composite QLYS -1.28% and Carbonite Inc. /zigman2/quotes/205010412/composite CARB -0.85% also topped Street views but weaker-than-expected outlooks weighed on the respective stocks.
Late Thursday, quarterly results for both Zscaler Inc. /zigman2/quotes/203585803/composite ZS -5.12% and Splunk Inc. /zigman2/quotes/203060494/composite SPLK -1.99% topped Wall Street estimates, but while Zscaler shares rallied big Friday, Splunk’s did not.