How to Leverage AI to Better Detect, Analyze Cybersecurity Threats

Artificial intelligence (AI) is becoming a critical component of protecting customer data and spells opportunity for MSPs.

How to Leverage AI to Better Detect, Analyze Cyber Threats


Cybercriminals and bad actors can create and launch new threats into the market in what seems like the blink of an eye. Therefore, solution providers and managed services providers must be just as fast to prevent, or at least minimize, the damage they can cause. To meet that challenge, artificial intelligence (AI) technology is increasingly becoming a critical component of cybersecurity solutions. The more that MSPs—and other tech companies—understand how AI is changing the way networks and data are protected, the better they’re able to protect customers.

In the episode of CompTIA’s From Promise to Profit series below, Greg Plum, senior vice president of strategic alliances at Markee and chair of CompTIA’s Emerging Technology Community, and Joseph Steinberg, cybersecurity expert and a member of CompTIA’s Cybersecurity Advisory Council, discuss how cybersecurity solutions are leveraging AI technology to keep the bad guys at bay.



The number of security threats has increased dramatically in recent years, so the ability to detect threats before they create havoc is of utmost importance. However, humans have a brain-power limit: There’s only so much material they can analyze at any given time. An organization that frequently deploys technology may find numerous threats and be the target of many attacks.

“What do you do with that knowledge? If you don’t have AI to start analyzing threats, you need armies of humans. And most organizations don’t have enough as it is to handle their existing load,” Steinberg said.

Adding advanced technologies such as AI can improve computer-based analysis to determine what is a critical threat and how that should be addressed. It’s a task that every business is really wrestling right now, Steinberg said.



In this video, Steinberg explains how companies are being dealt a double blow: a shortage of qualified personnel coupled with an increased volume of attacks. To make up for the lack of staff, organizations are investing in more cybersecurity technology and automated systems. As a result, more alerts are being identified. However, while these are real threats and attacks being identified, if you don’t have enough staff to review, prioritize and decide which alerts are likely to be vulnerabilities, an organization can quickly become overwhelmed.

A second component of a cybersecurity solution incorporates AI systems to help look at alerts that come in from different systems, threat intelligence, the current status of networks, and the current status of data. The AI solution can analyze the threats, make predictions and prioritize what should be handled, in what order by human staff. In some cases, the AI can handle the requests. “That can dramatically improve the security of an organization,” said Steinberg, “because remember, if one attack gets through because somebody prioritized [incorrectly]… that can lead to a catastrophe.”



AI can help businesses—including MSPs—protect against cyberthreats. Many businesses don’t have enough cybersecurity professionals to really meet their needs. AI can help prioritize what needs to be done and can sometimes handle the tasks with little or no human intervention. AI can be implemented by MSPs to help handle customers’ cybersecurity concerns more effectively, as well as their own, because MSPs have many of the same challenges as their customers.

The challenge is that if you don’t deploy AI correctly, it learns incorrect information. Not only will the solution then make wrong decisions, but it will also make increasingly bad decisions over time. “One thing that’s important with AI is that you got to get it right from the start, or you’re literally going to learn the hard way,” said Steinberg.

Appropriate uses for AI include classification algorithms for malware and spam detection, anomaly detection algorithms to discover malicious traffic or user behaviors, and correlation algorithms to connect signals from different systems.


“If you don’t have AI to start analyzing threats, you need armies of humans. And most organizations don’t have enough as it is to handle their existing load.” – Jonathan Weiss



One of the most compelling reasons for implementing AI as part of a cybersecurity solution is to combat the labor shortage. AI allows companies to do more with less. More security risks can be identified and quickly remediated using AI. That can be a godsend to a company that doesn’t have the cash reserves to hire additional people.

MSPs and solution providers also need to start realizing that the pace of cyberattacks is only going to increase and the risk of becoming overwhelmed by identifying breaches and suspicious activity is real.

“A few years down the line—and it’s probably not that far down the line, the science fiction notion of computers attacking computers, rather than human hackers attacking computers, it’s probably going to be real [with] computers attacking each other without human involvement,” Steinberg said. “Eventually, the computer systems, the AI systems, will be smart enough that they’ll be able to outperform human hackers.”


Now It's Your Turn

Watch the From Promise to Profit episode now to learn more about:

  • Examples of how AI technology is improving cybersecurity solutions.
  • Why AI-powered cybersecurity solutions present an opportunity for MSPs and solution providers.
  • Advice on how to begin implementing AI functionality into your current portfolio.

Read more about Cybersecurity.

Tags : Cybersecurity

Join Now to Learn More