On November 14, I had the privilege to represent Palo Alto Networks and testify before the Energy and Commerce Committee in the House of Representatives on the critical role of artificial intelligence (AI) in cybersecurity defense.
I highlighted how AI is enabling network defenders to anticipate, track and block cyber attacks to a degree never seen before. Indeed, as my testimony outlined, the demonstrated impact of AI-powered cyber defense is significant. Each day at Palo Alto Networks, we detect 1.5 million unique attacks that were not present the day before by leveraging AI. This process of continuous discovery and analysis allows threat detection to stay ahead of the adversary, blocking 8.6 billion total attacks every day.
One of the most compelling use cases of AI-powered cyber defense is seen in the security operations center, or the SOC as we call it. For too long, SOC analysts have been inundated with alerts to triage manually. This creates an inefficient game of whack-a-mole, while critical alerts are missed and vulnerabilities remain exposed. AI can help flip this paradigm to put defenders back in the driver’s seat.
Results from the Palo Alto Networks AI-driven SOC are particularly telling. We are able to ingest 36 billion events daily and triage that number down to just eight incidents, on average, that require manual analysis. This dramatically reduces detection and response times and frees up analysts for more proactive threat hunting activity.
Customer benefits have been similarly encouraging, with mean response times going from weeks and days to hours and minutes, a fivefold increase in incident close out rate, and a sixfold increase in the average amount of security data ingested and analyzed each day. These dramatic improvements are critical to stopping threat actors before they can encrypt systems or steal sensitive information.
AI is making security data actionable for network defenders, giving them real-time visibility across their digital enterprises and the ability to prevent, detect, and respond to cyber attacks quickly. Accordingly, Palo Alto Networks firmly believes that the risky outcome for society is in not leveraging AI for cyber defense purposes.
As U.S. policymakers consider potential guardrails on the development and use of this vital technology, we believe that a risk-based, use-case specific and stakeholder-involved approach will help minimize harms without stifling necessary innovation. To that end, we encourage policymakers to build upon existing, flexible frameworks; focus on securing AI systems themselves; differentiate between use cases, impacts and data types; avoid unintended consequences in disclosure requirements; as well as recognize and promote cybersecurity as an enabler of privacy.
As I mentioned in my testimony, Palo Alto Networks is committed to using our deep and broad visibility into the cyber threat landscape to be good cyber citizens and national security partners with the federal government. AI is central to realizing this commitment. We encourage all entities to embrace the importance of AI for cybersecurity, and look forward to working with policymakers and stakeholders to further promote its adoption.
See more information and view the testimony.