• Technology

    The evolution of MDR

    AnyFans Posted on

    The evolution of MDR

    Organizations are navigating a rapid shift from human-centric defenses to AI-driven capabilities. Automation and predictive analytics are transforming managed detection and response, or MDR, pushing enterprises to rethink long-standing processes and keep pace with evolving threats.
    For a long time, the biggest challenge in cybersecurity was having enough trained people to handle the work. With endless threats and alerts flooding in, organizations constantly struggled with human capacity, according to Kevin Urbanowicz, principal at Deloitte Touche Tohmatsu Ltd.
    “As we’ve seen the AI revolution take over, there’s a light at the end of the tunnel that, ‘Maybe I don’t need as many humans. Maybe I can actually do more with less,’” Urbanowicz said. “AI had to kind of get there and improve that value, but we’ve seen that catch on.”
    Urbanowicz and Chris Richter (pictured), senior managing director at Deloitte, spoke with theCUBE’s Dave Vellante and Rebecca Knight at Fal.Con, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the shifting expectations around MDR amid the growing role of AI in reshaping cybersecurity operations. (* Disclosure below.)
    The evolution of MDR
    MDR has followed a long evolutionary cycle, moving organizations away from traditional, internally managed security operations centers and managed security services. That shift has been toward a more unified approach, according to Richter.
    “[It’s] a standardized platform, standardized technology backend to improve automation,” he said. “But that wave has a very long tail, and on the backend of that tail are individuals that still have disorganized SOCs. They have multiple SOCs within the same organization.”
    Many organizations are still relying on traditional MSS and SOCs that no longer meet today’s challenges, leaving them scrambling to catch up, according to Richter. Those further ahead now find themselves both concerned and excited about the potential of artificial intelligence.
    “In terms of how expectations are changing, it depends on where you are on that evolution,” he said.
    In the past six to 12 months, chief executive officers have been pushing hard for organizations to be progressive about adopting AI, according to Urbanowicz. Chief information security officers who aren’t actively doing something with AI now risk feeling behind and facing that top-down pressure.
    “The adoption push is happening top-down, which is different, right? Cybersecurity, you used to have to go to the board, ask for money, beg for new capabilities,” Urbanowicz said. “That’s coming downwards now. Because the AI revolution, while it affects the business and they’re using it to enable business, they realize it’s a way to not only do better cybersecurity, save money, find those things. I think the adoption’s actually increased quite a bit.”
    For Deloitte, it all represents a journey that starts with understanding what clients want to achieve with AI, according to Richter. Since almost anything can be automated, the focus has to be on defining the specific outcomes they’re aiming for.
    “The quality of that automation is another matter altogether,” he said. “There isn’t one AI agent that’s going to do everything. It’s usually a series of agents that have very specific, bespoke functions. They’ve got to communicate with each other. Those agents have to be protected.”
    Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of Fal.Con:
    (* Disclosure: Deloitte Touche Tohmatsu Ltd. sponsored this segment of theCUBE. Neither Deloitte nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
    Photo: SiliconANGLE

    You Might Also Like