Aug 08 2019

5 Questions to Ask About Buying AI-Enabled Security Software

Before spending money on supposedly AI-enabled security software, make sure it’s the real deal.

Security products incorporating artificial intelligence techniques may reduce the workload for human analysts, taking over the time-consuming job of correlating information sources and mining voluminous logs to uncover suspicious patterns of activity. Vendors, seeing the hype around AI, are quick to slap the label on almost any technology for a cutting-edge veneer.

Here are five questions to ask before purchasing an AI-enabled security system:

1. What Data Was Used to Train the AI?

AI and machine learning techniques detect patterns in data and use those patterns to make predictions about the future. But those models are only as good as the data used to train them. Make sure it’s clear how the security system’s models were created. Does the product create a model customized for your organization, or does it use the same model across all types of environments?

2. Does the Technology Truly Use Machine Learning or AI?

Some vendors assume that if their product is making recommendations, it’s using artificial intelligence. In reality, some of those products are simply using the same pattern-matching rules that they’ve always used, rather than relying upon more sophisticated data models. Make sure the vendor is clear about the nature of the AI that its product is supposedly using.

3. How Does the AI Learn and Improve Its Abilities Over Time?

As networks, systems and user behavior change, models must adapt to reflect those changes. How is the model updated? Is it continuously retrained on your new data as it is collected, or does it require product updates from the vendor to improve its abilities? How are those updates delivered?

MORE FROM BIZTECH: Get hip to the cryptojacking threat that might be siphoning resources and data from your computer without your knowledge.

4. Who Owns the Resulting Models?

If the product is using the business’s data to either develop or contribute to broader models, who owns those models? Is the vendor permitted to use that model with other customers? Is the business able to access details of the model and use them in other security applications? Read the contract’s fine print to make sure it’s clear how the vendor will use the data and what rights the organization retains.

5. Will the AI Save Time or Improve the Organization’s Security Posture?

You should invest in AI technology only if you truly believe that it will either reduce the amount of time currently spent by security analysts on your team or provide you with insight that you don’t receive from your existing products. As with any business investment, make sure that the expected ROI justifies the cost.

CDW Cybersecurity Insight Report


Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT