NTT Data today added a managed extended detection and response (MXDR) service that is based on a security operations center (SOC) platform from Palo Alto Networks.

Stefaan Hinderyckx, senior vice president for cybersecurity at NTT Data, said this latest addition to the managed security services portfolio extends an existing alliance between the two companies that combine their respective artificial intelligence (AI) expertise.

The Palo Alto Networks Cortex XSIAM platform makes use of machine learning algorithms to identify issues that need further investigation. On top of the platform, NTT Data is adding generative AI capabilities that make it easier for its cybersecurity teams to investigate indicators of compromise and, if necessary, respond, said Hinderyckx.

That approach enables organizations to more easily take advantage of AI technologies to combat threats without having to build, deploy and maintain their own AI models, he added.

In addition to providing the expertise required to deploy and manage the underlying platforms, the NTT Data managed service reduces the total cost of ownership (TCO) for cybersecurity is much less for organizations as many of the current tools they rely on to manage cybersecurity are rationalized, noted Hinderyckx.

That approach enables more than 7,500 NTT Data cybersecurity professionals to focus more of their time on identifying and mitigating threats, which the company claims to thwart more than 2 billion times a year.

It’s not clear to what degree organizations are shifting toward relying more on managed security services but it still remains challenging to hire and retain cybersecurity expertise. Even after the rise of AI and the softening of the global economy, there are still more than four million open cybersecurity positions. AI doesn’t eliminate the need for that expertise because someone still needs to determine how severe a threat is and how to respond, said Hinderyckx.

The only way to make up for that gap is to rely more on external providers of cybersecurity services that have the expertise needed to both train AI models for cybersecurity use cases and the skills required to automate their deployment, noted Hinderyckx.

The challenge is that cybercriminals are already making use of AI to generate code that enables them to launch cyberattacks at a faster rate, so it’s only a matter of time before more organizations are overwhelmed unless they can count on help from a managed security service provider (MSSP), he added. There’s never going to come a day when AI replaces the need for cybersecurity expertise, but it’s clear how cybersecurity is achieved and maintained is evolving, said Hinderyckx.

There is, of course, no shortage of MSSPs so each organization will need to determine which one makes sense to partner with, given their size and overall level of risk. The one clear thing is very few organizations will have the resources required to manage cybersecurity on their own. Instead, most will ultimately wind up relying on a mix of external and internal expertise to combat threats that are not only increasing in volume but just as critically, sophistication.