Specialist
Executive at Microsoft Corp
Agenda
- Current state of AI and machine learning technology in the cybersecurity industry
- Traditional cybersecurity modalities and potential disruption by AI and machine learning technology
- Major cybersecurity vendors leveraging AI and machine learning technology today and vendors at the forefront of innovation
- Security posture of organisations outside of traditional cybersecurity and the potential market disruption by AI
- Importance of partnerships with leading AI and machine learning companies such as the major cloud vendors
- Intersection of AI and cybersecurity and industry impact of recent innovations such as generative AI, plus innovation outlook
Questions
1.
What 2-3 key trends should we be thinking about as we see AI become increasingly used in cybersecurity?
2.
Could you provide a breakdown of the different areas where AI is being used, such as threat detection and prevention, vulnerability scanning, fraud detection and behaviour analysis?
3.
How should we think about progression in AI technology for each of the areas you discussed? Is it a question of building out longer and more robust datasets or more sophisticated algorithms? What is driving the value that AI is delivering for these different uses?
4.
Is large language model technology already being used for different types of cybersecurity? How do you think it’s going to transform cybersecurity in the future?
5.
Where do you see that type of potential change in adoption of AI technology occurring first across the areas of cybersecurity, including endpoint, firewalls, etc? Where do you see that adoption having the greatest impact?
6.
Where do you see current modalities of cybersecurity being most vulnerable to large disruption, given progress in AI?
7.
A recent McKinsey study estimated a USD 1.5tn-2tn industry for cybersecurity. How should we think about the importance of AI across offering types in that considerable TAM?
8.
Are there any kinds of cybersecurity modalities or offerings that you see as particularly headcount-heavy, that you think are a potential area for AI to increase efficiency?
9.
How are cloud vendors – specifically AWS and Google – leveraging AI to deliver cybersecurity offerings? How is market leadership in AI a key opportunity for these vendors to move further into the cybersecurity space?
10.
Do you have any comment on Google’s September 2022-announced acquisition of Mandiant and the importance of that?
11.
How is compute power a challenge for the cybersecurity industry as AI starts to draw more and more power? What are the opportunities in being more well-positioned with increased scale, such as AWS with its Graviton chip?
12.
Are there any other areas within cybersecurity that you think AWS or Google are well-positioned in currently?
13.
How is AI being leveraged in EDR [endpoint detection response] and XDR [extended detection and response] vendors such as CrowdStrike, SentinelOne and others today?
14.
What timeline would you attribute to advancement in AI for EDR and XDR vendors?
15.
Is AI in EDR and XDR performant enough that you could, in a customer evaluation process, measure potential differences in how an AI model is performing when evaluating different vendors?
16.
Looking at generative AI and technology from ChatGPT, is there anything that comes to mind specifically for the EDR and XDR category of vendor that you think the technology would be able to help augment or disrupt?
17.
How is AI being leveraged in next-gen firewall offerings by vendors such as Fortinet, Palo Alto and others?
18.
Considering Palo Alto and FortNet are larger cybersecurity vendors and the kind of scale they might be able to achieve with building out more robust AI models, does any particular vendor come to mind as doing well in its AI technology for next-gen firewalls?
19.
How is having a long history of building AI models and creating vast datasets to build those models from, a moat for the industry? Is it going to be harder for newer players to develop AI as sophisticated as more incumbent players with a longer history of developing these models?
20.
How is AI being leveraged in cloud security, looking at vendors such as Palo Alto with its Prisma Cloud and newer market entrants such as Wiz, Aqua or Orca?
21.
Some newer entrants have been growing rapidly, such as Wiz. Is there any challenge with deploying AI for cloud security, or any reason for why it might be easier for a newer vendor to catch up or surpass incumbent players such as Palo Alto?
22.
You mentioned vulnerability management is an area where AI could disrupt the industry to some extent. Looking at vendors like Rapid7, Qualys and Tenable, could you comment on the opportunity?
23.
Does any vendor for vulnerability management, looking at Rapid7, Qualys and Tenable, for instance, come to mind as executing more effectively in its AI strategy?
24.
Do you have any comment on the SIEM [security information and event management] vendors such as Splunk or Exabeam in how they’re using AI?
25.
Can you comment on some of the barriers to entry for developing robust AI to leverage in cybersecurity solutions?
26.
What’s your view on consolidation of cybersecurity vendors looking to improve their AI capabilities? Do you think that there’s any kind of small AI company that may be a potential acquisition target for these cybersecurity vendors?
27.
Thinking about the state of the market today and where a lot of smaller start-ups are concentrated, is there any area of the cybersecurity market where you would expect acquisitiveness to be more prolific?
28.
You mentioned barriers to entry for developing AI in cybersecurity. You also mentioned the issue around talent and how expensive and difficult it can be to maintain. Given the significant technology industry lay-offs we are seeing, are you seeing this type of very specialised talent flowing in any direction, or being snapped up by any kind of company?
29.
You mentioned AI has been a bit of a checkbox item for customers when evaluating technology. What’s your outlook on the timeline for AI becoming a more closely scrutinised requirement?
30.
Do you see more pure-play AI vendors such as Palantir or C3 AI moving into the cybersecurity space?
31.
Do you have any commentary on the proliferation of IoT security as a market opportunity for AI?
32.
Is there any area of cybersecurity, such as endpoint protection or observability, that you think is well-positioned to grow market share for IoT cybersecurity?
