Research finds that security professionals are willing to replace MDR with AI; a third of respondents were breached in the last year.
Radiant Security, the pioneers of AI-enhanced security operations solutions, released their latest study revealing widespread disappointment with Managed Detection and Response Systems, with 60% of IT security experts considering artificial intelligence (AI) as a potential replacement. The survey was conducted in April by Censuswide with 300 US-based IT professionals and underscores MDR challenges, with a third of respondents reporting a breach within the last year.
As cyberthreats like phishing, social engineering, and malware become more sophisticated and increasingly fueled by AI, legacy MDR services appear to struggle with responses. After a breach, an organization’s biggest challenge is the swift identification and remediation of the core issue that led to that breach. However, 44% of MDR users surveyed needed more than four weeks to remediate a single incident. During this time, malicious actors can continue to exploit existing vulnerabilities, steal sensitive data, disrupt operations or cause other problems.
“It’s clear from the recent report and from our internal threat research that existing managed detection and response solutions are ill-equipped to keep up with changes in the threat landscape like the use of adversarial AI,” said Shahar Ben-Hador, CEO and co-founder of Radiant Security. “SOC teams are begging to redefine security operations with a more innovative approach, and we’re delivering AI capabilities where MDR has fallen short.”
The report also uncovered a potential correlation between long deployment times and IT’s dissatisfaction with the overall performance of the MDR solution. Half of the respondents reported a four to six month deployment timeline with an additional 44% reporting 7-12 months to deploy MDR tools. A majority of MDR users (84%) noted their dissatisfaction with the legacy tools occurred within nine months of its purchase.
Based on the data, use of AI-powered automation could also help respondents with several shortcomings and pain points of MDR, as found in the survey. For example, more than one-third (34%) reported their MDR tool lacked context about their environment. Here, use of AI could provide a much deeper understanding of normal because it continuously learns about the customer’s environment and can use that data to review alerts and incidents.
For the 57% of respondents who reported their teams are not completely staffed, and 32% who said their MDR tool escalated more than their team could handle, AI is able to use the aforementioned context to perform additional checks more thoroughly than humans, and significantly reduce the number of items that are escalated. This can alleviate work for security analysts who are already stretched thin and cannot spend hours triaging, investigating and responding to all the security alerts they receive.
“We are at an inflection point for AI-driven systems to transform the SOC, making it easier for organizations to embrace and fundamentally shift their security posture,” said Ben-Hador. “There is no question that AI is a game-changer for SOC teams because it can improve context, reduce false positives and powerfully overcome the limitations of traditional MDR tools. AI provides much-needed relief and significant time savings for analysts to ensure their focus remains trained on genuine cyberthreats.”
Finally, 70% of respondents reported that time savings for their SOC teams was less than 25% using current MDR tools, which is counter to the goal of outsourcing to MDR services and essentially leaves organizations in the same situation they were before. AI-based security operations can eliminate 80-90% of Level 1 and Level 2 workloads by performing triage, investigation and response tasks at scale.
Patti Jo Rosenthal chats about her role as Manager of K-12 STEM Education Programs at ASME where she drives nationally scaled STEM education initiatives, building pathways that foster equitable access to engineering education assets and fosters curiosity vital to “thinking like an engineer.”