Artificial Intelligence & Machine Learning , Next-Generation Technologies & Secure Development

Incident Response Challenge: Knowing What to Prioritize

IBM's Mike Spradbery on Triage, Machine Learning, Tennis
Mike Spradbery, security technical leader for the U.K. and Ireland, IBM

Much of the push for bringing artificial intelligence - often better known as machine learning - tactics to bear in information security has been to help security experts know where to focus and to much more quickly glean this information.

See Also: What Makes Healthcare a Prime Target for Ransomware?

"The quicker you can detect and respond to an incident, the more you're likely to be able to contain and minimize the risk associate with it," says Mike Spradbery, IBM's security technical leader for the U.K. and Ireland.

But today's security operations center analysts often face a deluge of security alerts, making it difficult to know where to start.

"We tend to find in security operations centers that analysts are either overworked or they have got so many different offenses to investigate that even triaging to get to the most important ones is very difficult," he says." So inevitably, they can't investigate everything they probably should do."

In a video interview at the recent Infosecurity Europe conference in London, Spradbery discusses:

  • How IBM's Watson for Cybersecurity program helps analysts investigate security incidents;
  • How IBM continues to help secure the Wimbledon tennis championships;
  • The impact of the EU's General Data Protection regulation on incident response.

At IBM, Spradbery manages a diverse team of technical specialists who work with clients across all industries. During the past 20 years, he has worked with security, mobile, social and web experience technologies in a variety of business leadership, sales and technical roles.

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.