Five Takeaways From The Panel Discussion On "The Future of AI in Security"

'Inside Security'
Leen Security
December 20, 2024

On August 13th, Leen held its inaugural event at the SVB Experience Center in San Francisco. The event featured networking and a panel discussion with three distinguished security leaders: Travis McPeak, Co-founder and CEO of Resourcely; Kamal Shah, Co-founder and CEO of Prophet Security; and Ross Haleliuk, Founder of Venture in Security, moderated by Kabir Mathur, Co-founder and CEO of Leen.

(L-R) Travis McPeak, Kamal Shah, Ross Haleliuk & Kabir Mathur

The discussion centered on "The Future of AI in Security: Balancing Precision and Automation." Here are 5 key takeaways:

1) We're still in the very early stages of AI in Security

People are exploring how AI can enhance workflows and automate manual tasks, with founders taking two main approaches: some focus on solving core problems with AI, while others are more excited about AI itself and seek ways to apply it. Despite the hype, few companies beyond Series C are thriving with real customers and revenue, as many established vendors heavily promote AI without fully integrating it. The AI market is still in its early stages, with initial successes and deployments, but scaling and achieving true product-market fit remain challenges. Enterprises are beginning to see promising results, such as OpenAI’s work in streamlining security operations with LLMs, though these successes are exceptions. AI tools like GPT can help security teams process more information by summarizing complex documents, although occasional errors require validation. Overall, there's cautious optimism, with many comparing AI's current stage to the early internet, anticipating that it will soon unlock transformative capabilities.

2) AI for Security or Security for AI: The build conundrum

The focus on "security for AI" as a standalone category seems misplaced. The real issue isn't about securing AI from breaches; it’s about how AI can improve the efficiency of security teams. Breaches are rarely due to data mishandling by giants like Microsoft, who likely have superior security teams. What’s exciting is leveraging AI to enhance security practices, despite the current challenges like unreliable LLMs. With the surge in AI investment and talent, these issues will likely be addressed. Security leaders are more focused on learning about AI rather than making immediate investments, while most security budgets still address traditional areas like identity and endpoint security. Although future threats to AI might arise, they are still largely theoretical. For founders, integrating AI into established security frameworks presents both opportunities and challenges: it’s easier due to existing budgets but tougher due to entrenched competitors. However, if AI can deliver better solutions, investment is likely to follow.

3) Currently, automation is the most effective application of AI

There’s a substantial opportunity to advance beyond basic chatbots and leverage AI for more complex workflow automation. While chatbots are a useful start, tackling intricate tasks like investigating security alerts requires advanced AI capabilities, including summarization, classification, data extraction, planning, and reasoning. To achieve accurate results, it’s crucial to break these tasks into smaller components and interact effectively with LLMs. However, AI won't always provide perfect answers, and human review will occasionally be necessary. AI offers a new form of flexible automation, allowing for dynamic management of workflows without rigid, predefined scripts. Unlike traditional security automation platforms, which struggle with predicting all possible scenarios and creating detailed playbooks, AI can adapt and streamline processes more effectively. While not a magical solution, AI can significantly enhance and improve existing workflows, with technology continually advancing over time.

4) Customers focus on solving their problems, not on acquiring AI-enabled solutions

There are fewer early adopters for AI itself compared to those seeking effective solutions to existing problems. Historically, customers have been more focused on solving high-frequency, high-severity issues, and this hasn't changed. They aren't necessarily looking for AI-enabled solutions per se, but for ways to address problems like for example, triaging alerts, just as they did years ago. The difference now is that AI may offer better solutions than before. Large enterprises are exploring AI, but often at a strategic level rather than seeking immediate integration into their systems. They're interested in enhancing productivity rather than adopting specific AI applications right away. Fundamentally, the way people buy software has not changed; they still prioritize solving core problems, and while there's growing interest in AI, it won't shift priorities in areas that were previously low on the list. If identity was a priority two years ago, there’s now a greater willingness to consider AI solutions in that space. However, if an area wasn't a priority before, simply being AI-enabled won't make it a focus.

5) AI will enable greater coverage and provide better context for builders

AI can significantly enhance coverage and context for builders, leading to more robust defenses. By leveraging AI, we can better utilize contextual information to design stronger protective measures and detection systems. Context is crucial, and AI's ability to analyze and apply it can improve how we address security challenges. Additionally, AI can provide greater, if not complete, coverage of the environment, ensuring that even overlooked aspects are addressed. Beyond context and coverage, AI also aids in improving communication within security frameworks, making it a valuable tool for comprehensive security solutions.

Audio link

If you'd like to listen to the panel discussion, you can tune in below: