The London Marriott Hotel Grosvenor Square was the venue for the SC Media Awards 2022, the cybersecurity industry's coveted and prestigious awards ceremony on June 21. Vectra, a leader in AI-based cyber threat detection and response for hybrid and multi-cloud enterprises, won the "Excellence in Threat Solutions Award" in the "Best Enterprise Behavioral Analysis and Threat Detection" category for its Vectra AI platform. Vectra didn't just win that title, however, as it was also ranked at the event as "Highly Commended" in the "Best Use of Machine Learning and Artificial Intelligence", "Best Customer Service" and "Best Security Company" categories. Founded in 2010 and based in San Jose, California, Vectra is a leader in threat detection and response for hybrid and multi-cloud enterprises. Its Vectra AI platform uses AI to quickly detect threats in the public cloud, identity, SaaS applications and data centers.

Artificial intelligence provides enormous benefits for cyber threat detection, but the technology can't do the job alone. That was the primary message during a session at the Ai4 2022 Cybersecurity Summit featuring two government cybersecurity professionals -- Garfield Jones, associate chief of strategic technology for the Cybersecurity and Infrastructure Security Agency (CISA), and Peter Gallinari, data privacy officer for the state of Tennessee. The duo discussed the promise of AI threat detection and fielded questions about what they saw as the future of such technology, the potential challenges and how humans will fit into the picture. Jones made it clear early in the panel that every cybersecurity system implementing AI will still require human involvement. "My perspective on this is that AI definitely has a future in threat detection and response," Jones said.

Cybercriminals today are extremely organized and often take advantage of social trends to deliver weaponized bundles used to launch an attack against victims. These bundles are typically delivered via phishing emails or malware web sites that include misinformation targeting fears and uncertainty. In recent months, for example, threat intelligence researchers have been seeing an evolution in ransomware attacks targeting those most impacted by COVID-19, such as hospitals and health care providers. In fact, 41 hospitals announced ransomware attacks during the first half of 2020. Ransomware gangs, typically associated with well-established and known criminal organizations are also evolving their tactics for extortion, including publicly shaming victim organizations and threatening to publish files to the internet or auction off PII (personally identifiable information) to the highest bidder.

Time is the most important factor in detecting network breaches and, consequently, in containing cyber incidents and mitigating the cost of a breach. "Security event investigations can last hours, and a full analysis of an advanced threat can take days, weeks or even months. Even large security operations center (SOC) teams with more than 10 skilled analysts find it difficult to detect, confirm, remediate, and verify security incidents in minutes and hours," says Chris Morales, Vectra Network's head of security analytics. "However, the teams that are using artificial intelligence to augment their security existing analysts and achieve greater levels automation are more effective than their peers and even SOC teams with more than 10 members who are not using AI." Vectra Networks has polled 459 Black Hat attendees on the composition and effectiveness of their organizations' SOC teams. The group – a mix of security architects, researchers, network operations and data center operations specialists, CISOs and infosec VPs – were asked whether their SOCs are already using AI in some form for incident response, and 153 (33%) said Yes.