The Two Forces Reshaping Our Cyber Defences For The Better

Artificial Intelligence | Data Management | Governance & Risk | Security Operations

Posted: Tuesday, Feb 04

KBI.Media
$
Posts
$
TECHNOLOGY
$
Artificial Intelligence
$
The Two Forces Reshaping Our Cyber Defences For The Better

i 3 Table of Contents

The Two Forces Reshaping Our Cyber Defences For The Better

From Deepak Ajmani

Introduction

It’s very hard to catch a ball in flight without being able to make real-time calculations based on a continuous and uninterrupted stream of information from your eyes to your brain. The same can be said for cyber security. It’s tough to catch threats in play without truly real-time data.

The need for real-time data and data processing is becoming particularly prominent as generative artificial intelligence (GenAI) plays a larger role in cyber security efforts. With malicious actors creating more sophisticated exploits at scale with the help of GenAI, cyber defenders are finding increasingly innovative ways to use the technology for security solutions.

The top ways organisations are leveraging GenAI for cyber security purposes include threat detection and response, threat intelligence and malware or phishing detection, according to PwC’s 2025 Global Digital Trust Insights report — even if local businesses have proven to be slower in adopting AI-driven cyber solutions compared to their global counterparts.

But among those businesses that are leveraging GenAI for cyber security applications, there is a crucial weapon that is fast becoming key to their battle strategy: real-time data streaming. This enables stream processing — the processing of data in real time — which can help businesses access the full power of their data for real-time security defences.

When Real-time Isn’t Real-time

When it comes to identifying and defending against active cyber threats, seconds count. The most effective defenses are close to instantaneous. While many cybersecurity defences today bill themselves as real-time, the rate at which they ingest data may prevent them from being so. In this sense, real-time doesn’t always mean real-time.

That’s because many networks are architected in such a way that data is processed in batches, rather than as a continuous stream of information. This is called batch processing. For organisations making use of GenAI in cyber security systems, the delays caused by batch processing, however brief they may be, can make it difficult to drive the responsiveness needed.

Moreover, the models that power GenAI technology typically require large volumes of data that needs to be trustworthy and in the right format, as a starting point. If those models are being put to work in cyber security applications, the data has to be as real-time as possible to effectively protect against dynamic threats. This is where data streaming platforms become key.

Enhancing Intelligence Sharing

Information sharing is essential in the world of cyber security. This is something the federal government has already cottoned on to. The Australian Signals Directorate’s Cyber Threat Intelligence Sharing Platform (CTIS) enables the sharing of indicators of compromise (IOCs) in real-time within a growing community of Australian government and industry partners.

Indeed, real-time threats can only be effectively combatted with real-time responses, and the ability to ensure such sharing is truly real-time and instantaneous can make or break the effectiveness with which that shared information can be used to defend against attacks — especially when GenAI is involved.

With GenAI, organisations can correlate data from various sources to gain a clear view of the threat landscape. Combined with streamed data, GenAI-powered solutions give organisations the chance to gain that clear view in real-time — an essential capability when threats can move through networks at the speed of electrons.

According to Confluent’s 2024 Data Streaming Report research, 85% of respondents noted that data streaming platforms are key, or one of the important enablers, to ‘joined-up visibility across the business’. Such visibility is a vital component to the intelligence sharing that drives solutions designed to defend against cyber threats in real time.

Driving Detection and Response

Cyber security solutions such as network detection and response platforms collect, automatically correlate and analyse data across multiple systems and security layers, providing real-time responses to threats in action. Increasingly, such platforms are making use of GenAI to correlate and analyse the data coming in from different parts of the business more effectively.

The faster an organisation can gather its telemetry data and distribute it across its various detection and response platforms, the sooner it can react to incoming attacks and minimise potential threats. Without data streaming, the patchwork of collectors and indexing systems needed to effectively gather, process, and respond becomes challenging to assemble and orchestrate. With more moving parts in the form of GenAI inferencing makes this challenge ever more acute.

Boosting Behavioural Analysis

Another area in which data streaming is enabling key cyber capabilities is behavioural analytics, which examines user behaviour within a network or application, keeping an eye out for any unusual activity that may point to a threat. By establishing a baseline for normal behaviour, businesses can use analytics to spot abnormal behaviour that could be construed as a threat.

As with network detection and response platforms, GenAI can also play a role in making behavioural analytics more effective by collecting, automatically correlating and analysing data for faster response times in the event of a threat. With data streaming technology feeding AI models with real-time information, behavioural analytics can happen near-instantaneously.

What that means is that an organisation such as a bank can act immediately in the event of an insider threat being detected, for example, giving it the ability to either lock off the relevant part of the network or deploy active defences in time to prevent any damage from being done or information from being compromised — protecting itself and its customers.

With 94% of respondents Confluent’s research citing data streaming platform technology as ‘critical’ or ‘important’ in achieving data and information-related goals, the role that it plays in GenAI-powered cyber security strategies is only set to soar as businesses strive to stay on the ball as the threat landscape evolves.

Deepak Ajmani

Deepak Ajmani is the Vice President of ANZ & APAC Emerging Markets at Confluent. In this role, Deepak is responsible for the growth of Confluent Cloud revenues from enterprise, mid-market, digital native and startup organisations in the APAC region. Based in Singapore, Deepak leads the Digital Native team in South East Asia and Australia & New Zealand at Confluent, a high growth segment for the company focused on supporting new, emerging companies. He also leads the Enterprise team in the rest of South East Asia region and Australia & New Zealand, helping established businesses leverage Confluent across the organisation.

Independent Cyber News.

i 3 Table of Contents

Introduction

When Real-time Isn’t Real-time

Enhancing Intelligence Sharing

Boosting Behavioural Analysis

Get Your Cyber News Delivered

Similar Posts

Cybersecurity Tips for Conveyancers and Solicitors using PEXA

Pravjit Tiwana – SVP, GM Cloud Storage

The Art of Mastering Cyber Risk: From Spreadsheets to Strategic Resilience in Critical Infrastructure

Data Privacy Week – Taking Control of Data

Business News

Tech News

National Security News

Other Resources

Our Podcasts

Partner With KBI

Content Production

Business News

Tech News

National Security

KBI.FM - The Cyber Podcast Network

Threats & Reports