The future of threat detection
To fight sophisticated threats, cybersecurity teams will need to unify data like never before
Cybersecurity teams are facing a double-edged sword of challenges and opportunities. On the one hand, AI tools offer a great deal of autonomy and the promise of automating some of the more laborious tasks that a cybersecurity team has to undertake.
On the other hand, attackers are also using AI to launch large-scale attacks such as sophisticated phishing campaigns and identity theft. To fight this threat, cybersecurity teams will need to unify data like never before and take advantage of as many new technologies and processes as they can.
How can they go about this? And what does a unified cybersecurity strategy really look like in 2026?
In this episode, Rory is joined by Mandy Andress, chief information security officer at Elastic, to explore how businesses can evolve their threat detection and security posture, as well as how AI is lowering the barrier to entry for attackers.
Highlights
"Of course, it all started with phishing messages. It used to be really easy to identify a phishing message, and AI was able to fix that and solve a lot of the language challenges and grammar and the punctuation challenges."
"So we talk about zero trust, we talk about least privilege, and none of those foundational elements have changed. I think in some cases, they've become even more critical, certainly least privileged, as you're looking at system accounts and non-human identities and agents and really focusing on what they can and cannot do, what they can and cannot access. From a threat actor perspective, those are our perfect lateral movement capabilities, 'let me be able to take over an agent and have it do what I want it to do' versus what it's potentially expected to be doing."
"We're starting to see augmenting of analysts, we're starting to see some autonomous workflows, but we're still taking the approach of how we have been looking at things and then adding on or expanding some capabilities. There will be a point in maybe five, seven years out that we are going to need to make a fundamental shift in our approach to continue to build and leverage all of the advantages that we would be able to have."
"The key way for success in today's environment is you need to understand what is happening. You need to have a very holistic, comprehensive view of both what is happening and what exists in your environment, and bringing in as much context, telemetry understanding as possible,
Footnotes
- In the age of AI threats, the future of security is unified
- AI-generated code is now the cause of one-in-five breaches – but developers and security leaders alike are convinced the technology will come good eventually
- AI-generated code risks: What CISOs need to know
- Agentic AI carries huge implications for security teams - here's what leaders should know
- The NCSC touts honeypots and ‘cyber deception’ tactics as the key to combating hackers — but they could ‘lead to a false sense of security’
Rory Bathgate is Features and Multimedia Editor at ITPro, overseeing all in-depth content and case studies. He can also be found co-hosting the ITPro Podcast with Jane McCallion, swapping a keyboard for a microphone to discuss the latest learnings with thought leaders from across the tech sector.
In his free time, Rory enjoys photography, video editing, and good science fiction. After graduating from the University of Kent with a BA in English and American Literature, Rory undertook an MA in Eighteenth-Century Studies at King’s College London. He joined ITPro in 2022 as a graduate, following four years in student journalism. You can contact Rory at rory.bathgate@futurenet.com or on LinkedIn.