IDC: 25% of Top Asian Companies to Deploy GenAI to Enhance Security Operations Capabilities by 2024

Top Future of Trust Predictions in Asia/Pacific* for 2024 and Beyond Revealed by IDC

In a recent FutureScape report, IDC FutureScape: Worldwide Future of Trust 2024 Predictions ─ Asia/Pacific (Excluding Japan) Implications, IDC predicts that by the end of 2024, 25% of Top 2000 Asia (A2000) companies will leverage Generative AI (GenAI) within their Security Operation Centers (SOCs). This integration is designed to bolster analysts’ skills in detecting and responding to cyber threats, significantly improving their efficiency in managing cybersecurity incidents. This move addresses challenges related to hallucinations, bias, privacy concerns, and the reinforcement leaning aspects inherent in GenAI applications. Although GenAI holds promise in enhancing the efficiency of security analysts, analysts are still at the core of security implementation.

As AI and GenAI become focal points, organizations in the Asia/Pacific excluding Japan (APeJ) region are eagerly investigating use cases. Their aim is to enhance operational effectiveness while also addressing risk and privacy issues.

• AI Risk/Compliance: By 2026, 25% of organizations will utilize AI-enabled risk and compliance solutions to continuously monitor data in real-time to predict noncompliance internally or from third-party associations.

• AI-Enhanced Privacy: By 2026, 25% of organizations will utilize AI to enhance data privacy through use of data anonymization, encryption, anomaly detection, and privacy-preserving ML techniques like differential privacy.

• DLP for GenAI: By the end of 2024, 35%of large organizations will have extended their Data Loss Prevention (DLP) deployments to GenAI environments to prevent privacy violations and data breaches.

When AI systems are properly implemented, mundane and repetitive operational tasks are greatly reduced. These systems are particularly adept at scaling to manage the ever-increasing volumes of data being produced and consumed, crucial for upholding of data privacy in this big data era. Furthermore, the risk of non-compliance, fueled by rising cyberattacks and the proliferation of regulations at various governmental and sectoral levels, underscores the need for AI’s advanced analytical capabilities. AI-powered solutions for risk and compliance can effectively sift through vast datasets, facilitating continuous, real-time adherence to regulatory requirements.

Despite AI and GenAI initiatives taking the limelight, aligning IT security investments with business outcomes remains a challenging feat for organizations in the region. Budget shifts, largely directed towards AI and GenAI efforts, necessitate that IT security spending is justified in some manner, maintaining a balance between innovation and security imperatives.

• Cyber-Risk Quant: By 2026, 30% of organizations will use quantification models to attack a dollar figure to cyber-risks and seek vendors with incident response data to calculate probability and dollar amounts.

• Cyber-Risk Platform: By 2026, 20% of organizations will use a proactive cybersecurity platform that aggregates risk exposures to score and prioritize cybersecurity risk in totality instead of one tool at a time.

These forecasts hinge on the adoption of efficient and effective risk management strategies. By evaluating the impact of previous cyber incidents, organizations within the region can now quantify cyber risks financially. This crucial insight serves as the foundation for constructing business cases aimed at bolstering cybersecurity defenses. Consequently, organizations are positioned to make informed investments in security technologies that promise a favorable return on investment. Simultaneously, there's a gradual shift in the market towards a more cohesive and strategic approach to risk management. Instead of addressing cyber risk in isolation, there's an emerging recognition of the importance of a unified perspective that considers the aggregate effect across various tools and systems.

"Generative AI's use cases in security are still emerging and maturing, but its trajectory is clearly upward. With time, research, and innovation, we can expect Generative AI to play an increasingly pivotal role in forging trust and fortifying our digital defenses against the evolving threats of the future," says Christian Fam, Research Manager, Future of Trust, IDC Asia/Pacific.

Each year, IDC releases its top technology predictions at worldwide, regional and country level through its IDC FutureScape Reports and gives a crystal ball view of what is ahead for the rapidly changing IT industry. These predictions have been used to shape the strategies and business objectives of technology leaders and business executives in the next 1-5 years.