FEATURE: NETWORKS AND SECURITY
understands AI tools and can implement automation to scale IT operations efficiently.
Those who can bridge these skill sets, combining deep technical expertise with forward-looking capabilities in AI and automation, will be uniquely positioned to lead in the next generation of IT infrastructure management.
Rob T Lee, Chief of Research, SANS Institute
AI and Generative models act as co-pilot for NOC and SOC teams. They scan millions of alerts, correlate events and surface real risks so analysts focus on decisions. Traditional ML laid the foundation, but today’ s agentic tools are still emerging from labs under new MCP, Model Context Protocol and A2A, Agent to Agent standards.
The workload cannot be outsourced to a vendor box. Build custom AI workflows, run pilots in a sandbox and iterate fast. At scale AI should ingest logs, rank incidents by real-world risk, draft response playbooks and suggest root cause steps. Treat vendor offerings as experiments. The team must own integration to truly cut toil.
The primary concerns are complexity in managing integrated solutions, legacy system incompatibility, and difficulty ensuring seamless interoperability. Organisations struggle with visibility and control across diverse environments, leading to potential security gaps. The skills gap exacerbates difficulties, requiring teams proficient in network and cybersecurity management.
Balancing robust security with optimal network performance remains challenging, as overly restrictive measures can degrade user experience. Ensuring compliance with evolving regulatory requirements across unified platforms further complicates adoption, driving the need for simplified, unified management and automated orchestration tools.
AI and Generative AI manage workloads do this by automating routine tasks, streamlining incident detection, and enhancing response accuracy. AIdriven analytics swiftly identify anomalies, prioritise threats, and provide actionable insights, reducing manual analysis.
Generative AI further aids by generating detailed incident reports, remediation guidance, and automating threat hunting. These technologies facilitate real-time correlation between network and security data, improving visibility and enabling proactive threat mitigation.
Treating security as a separate discipline has caused gaps in secure coding and architecture for years. Today, security must be taught alongside networking and cloud principles, so practitioners develop both skill sets equally.
As teams diversify, IT and security cultures will overlap, so leaders must excel at communication and collaboration. Overcoming the toxic silos that plague many IT and security groups requires patience and a new, unified culture driven by senior technical leads and executive support.
Meriam ElOuazzani, Senior Regional Director META, SentinelOne
Zero Trust Architecture is becoming foundational, ensuring continuous verification of users and devices across distributed environments. Additionally, integrating cybersecurity with physical security systems provides a holistic approach to threat management.
46 INTELLIGENTCIO MIDDLE EAST www. intelligentcio. com