
Building Better Security Operations Centers With AI/ML

Expel's Jake Gillen on Helping SOC Teams Cut Through the Noise, Speed Up Response
Jake Gillen, principal solutions architect, Expel

Access to artificial intelligence tools is helping cybercriminals become even more formidable attackers, but AI and machine learning are also helping cybersecurity teams and security operations centers become more effective defenders by understanding "what's normal and what's anomalous - very quickly," said Jake Gillen, principal solutions architect at Expel.

By analyzing behavior and identifying anomalies swiftly, security teams can proactively manage security threats - instead of just reacting to them.

"The speed at which attacks are coming, defenders need to have some automation involved to cut down on the noise and also to give them a better shot at figuring out what's actually happening quickly by using ML," Gillen said. As cybercriminals are using AI too, SOCs need these tools for faster incident response.

In this video interview with Information Security Media Group at the Cybersecurity Implications of AI Summit: North America West, Gillen also discussed:

  • The use of ML for real-time anomaly detection;
  • How automation in security operations can help manage vast amounts of data and alerts;
  • How threat actors in Russia, China, North Korea and Iran are already using AI on a global stage.

Gillen has more than 25 years of experience in cybersecurity. He has expertise in designing and implementing privileged account management, vulnerability management, multifactor authentication, logging and SIEM, audit, compliance, and defensive security.


About the Author

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.



