CYBERSECURITY EVOLUTION MODEL: AI/ML IN SECURITY ORCHESTRATION, AUTOMATION, AND RESPONSE

Authors

  • Vinay Dutt Jangampet, Staff App Ops Engineer, Intuit, United States

Keywords:

SOAR, AI, ML

Abstract

This paper examines the history of cybersecurity, focusing on the development of Security Orchestration, Automation, and Response (SOAR) systems. SOAR, which consists of orchestration, automation, and response capabilities, is essential in contemporary cybersecurity. The cybersecurity evolution model depicts the shift from conventional network operations centers to advanced security operations centers. The SOAR platform's architecture-centric design emphasizes the value of integration and adaptability. Organizations use functional requirements as a reference when evaluating their security needs. These requirements include integration capabilities, automation, orchestration, incident response, threat intelligence, scalability, and usability. Combining Artificial Intelligence (AI) and Machine Learning (ML) with SOAR improves response efficacy, streamlines processes, and improves detection. Organizations must manage issues such as data quality, algorithm selection, system complexity, and privacy concerns while benefiting from enhanced efficiency and scalability.

Published

2024-01-01