"Generative AI’s Emergence Has Significantly Altered Cybersecurity Landscape"

How has the security market evolved with the boom in the artificial intelligence (AI) and generative AI space since November 2022?

When it comes to cybersecurity, IBM started the journey of AI and generative AI (Gen AI) quite early. Multiple capabilities were introduced into IBM portfolio even before the industry boom happened. In the current scenario, we now have a new threshold, wherein we are trying to leverage the generative AI capabilities, which is adding on as an additional capability on top of our existing AI models or capabilities and cybersecurity. Hence, this is not something that we are starting afresh with – Generative AI capabilities. 

In our IBM security portfolio, a key focus is advanced investigation, detection and response, leveraging IBM watsonx Cybersecurity as a foundational capability. We are also advancing with open, trusted, targeted and empowering models, aiming to enhance human analysts' capabilities rather than replace them with AI. Our goal is to assist analysts in progressing to higher-level engagements, optimising efficiency and effectiveness while maintaining human oversight and decision-making.

Could you tell us the risks posed by Gen AI in the evolving cyberattack landscape over the past year and IBM's approach to addressing these challenges?

IBM is at the forefront of enterprise-grade Gen AI, particularly in terms of its capabilities via watsonx platform. The emergence of Gen AI has significantly altered the cybersecurity landscape over the past one year, amplifying the scale and speed of attacks, such as phishing emails, which can now closely mimic genuine correspondence. This poses a challenge necessitating advanced AI-driven defense tactics, as traditional methods fall short against AI-based threats. IBM is actively investing in AI-driven detection and investigation tools to address these challenges, significantly enhancing efficiency and speed in identifying and analysing potential threats. This AI-driven approach is already being adopted by numerous customers and continues to evolve with the integration of advanced Gen AI models.

How have the demands and concerns of businesses in India evolved over the past year, particularly in relation to growing risks and vulnerabilities, and how does this compare to the global scenario, along with the level of openness to security measures?

In the Asia Pacific region, particularly in India, there has been a big increase in cyberattacks over the past year, attributed to the accelerated digital transformation. This transformation has led to increased exposure of assets, data migration to multi-cloud environments and expanded data access to external entities, making the region a prime target for adversaries. However, regulated industries, anticipating such threats, have been enhancing their defense programs, with stringent security controls mandated by regulatory bodies like the RBI for the BFSI sector. Additionally, government initiatives focus on safeguarding critical infrastructure, reflecting a heightened awareness of cybersecurity risks. IBM and IBM Security have been pivotal in providing advanced security solutions, particularly embraced by banking, financial services and government entities in India. This market is demonstrating rapid growth in cybersecurity adoption, driven by increased awareness and the imperative for robust protection against evolving threats.

Could you share insights on emerging sectors beyond BFSI in the Indian market, where there's notable interest and growth potential for IBM’s security software business?

Traditionally, regulated industries have been the primary focus for cybersecurity defense technologies, but now we are witnessing a rise in demand from newer, more mature companies, particularly those born in the cloud, who are acutely aware of the sensitivity of their data, including customer and financial information. This heightened awareness has led to increased interest in security solutions, particularly in areas such as detection and response, data protection and identity and access management, with many organisations turning to IBM for guidance and technology to safeguard their assets.