With cybercriminals weaponizing cloud services and evading detection through encryption, security professionals plan to increasingly use and spend more on tools that use artificial intelligence (AI) and machine learning.

That’s according to the Cisco 2018 Annual Cybersecurity Report, now in its 11th year. It includes findings from six technology partners: Anomali, Lumeta, Qualys, Radware, Saint and TrapX; and the results of Cisco’s annual Security Capabilities Benchmark Study (SCBS), which surveyed 3,600 chief security officers (CSOs) and security operations (SecOps) managers from 26 countries.

Cisco’s Steve Benvenuto

Steve Benvenuto, Cisco’s senior director of global security partner sales, tells Channel Partners the report points to a few key trends that are particularly relevant to channel partners.

“First, organizations are struggling to find the security talent, so as such, they are building their own practice expertise, but also partnering with other partners that have security expertise or in some cases they are acquiring security talent through acquisitions,” he said. “In addition, organizations are increasingly looking for integrated solutions that share threat intelligence and reduce time to detection and remediation. This is creating opportunities for partners to focus on security services including assessment, consulting, managed/outsourcing, monitoring and incident response.”

The report also aligns with the trend that security no longer is viewed as a separate silo and is embedded with network, data center and Internet of Things (IoT) conversations, Benvenuto said. As a result, Cisco recommends that partners continue to educate front-line partner sellers to engage in deeper security conversations, along with broader IT offerings, he said.

According to the SCBS, 83 percent of security professionals rely on automation to reduce the level of effort to secure the organization. Seventy-four percent rely on AI to reduce the level of effort to secure the organization, and 92 percent say behavior-analytics tools work well in identifying bad actors.

Respondents expect to take increasing advantage of AI and robotics.

“As security becomes (a) more integrated platform and even a more embedded part of the network and data center, there is opportunity for our partners to leverage machine-learning technology to drive additional services for improving a customer’s security posture,” Benvenuto said. “To proactively use machine learning and AI in outsource or managed models to more quickly detect and remediate threats and to drive the analytics more quickly across enterprises will be a big opportunity for partners.”

Security professionals are implementing a complex mix of products from a cross-section of vendors to protect against breaches, according to the report. This complexity and growth in breaches has many downstream effects on an organization’s ability to defend against attacks, such as increased risk of losses. In 2017, one in four (25 percent) professionals said they used products from 11-20 vendors, compared with 18 percent in 2016, while professionals said almost one-third (32 percent) of breaches affected more than half of their systems, compared to 15 percent in 2016.

In this year’s study, more than one in four (27 percent) security professionals said they are using off-premises private clouds, compared to …

… 20 percent in 2016. Among them, 57 percent said they host networks in the cloud because of better data security, 48 percent because of scalability, and 46 percent because of ease of use.

While cloud offers better data security, attackers are taking advantage of the fact that security teams are having difficulty defending evolving and expanding cloud environments. The combination of best practices, advanced security technologies like machine learning, and first-line-of-defense tools like cloud-security platforms can help protect this environment, Cisco said.

“Last year’s evolution of malware demonstrates that our adversaries continue to learn,” said John Stewart, Cisco’s senior vice president, and chief security and trust officer. “We have to raise the bar now – top-down leadership, business-led, technology investments, and practice effective security – there is too much risk, and it is up to us to reduce it.”