The sheer volume of cybersecurity alerts state governments face is daunting – potentially millions in a single day. Even more difficult is parsing them to determine which pose real threats. The real challenge for state governments lies in the limited time humans have to sift through such large swaths of data. In the face of such limitations, IT teams must turn to more efficient methodologies: enter artificial intelligence (AI) and machine learning.
However, the goal is not to replace current security information and event management (SIEM) employees. AI can effectively augment existing professionals’ ability to sort through large volumes of logged events. Machine learning steps in to better categorize valid threats. With more information and time, these systems will only serve to vastly improve the capabilities of SIEM teams in the future.
AI is also still limited in its ability to sort properly. In the meantime,