AI use cases are increasing as companies leverage the technology’s ability to automate, streamline processes and empower users to grow at scale. A good example is AI’s role in cloud and data centre environments, where the technology ensures strategic management of all resources – and facilitates continuous threat exposure management (CTEM) to protect assets.
This is according to David Jackson, associate director of security operations at Snode Technologies.
Jackson is scheduled to deliver a presentation focusing on AI use in cloud and data centres at the ITWeb Cloud and Data Centre Summit 2025, at The Forum, Bryanston, on 7 August.
He will provide insight into how and why AI is being brought into data centre operations, with more detail about how the technology serves to automate processes, making them easier and quicker. AI also empowers companies to optimise critical resources, including compute, storage and networking.
These operations can be physical, cloud-based or hybrid.
“It really makes it much easier and much faster to find subtle anomalies that we may not have previously seen with human intervention. So, for example, where the servers in a data centre might be behaving erratically, technicians will look through a massive amount of data, log data, but may not see anything that really stands out,” says Jackson.
This is where AI can play a key role: trained to spot anomalies, it enables technicians to remediate faster instead of wasting valuable time and resources.
“It can flag subtle problems, like a rise in energy consumption coupled with slight latency of package flows through a specific rack, for example,” Jackson continues.
In addition to managing thermal conditions, AI plays a key role in intelligent resource allocation. By leveraging continuous monitoring and predictive analytics, it enhances the efficiency of server, storage and network bandwidth utilisation.
This is an important consideration, says Jackson, given that AI-driven data centres depend on advanced network virtualisation technologies for optimum interconnection, scalability and performance to support increasingly complex and data-intensive operations.
“AI can be trained with historical data, which enables it to flag a subtle rise in energy or change in temperature threshold, for example. The technology can find anomalies within the data centre or server infrastructure that are not obvious,” says Jackson.
Move to CTEM
In security operations centres, AI replaces manual processes with automation. It enables teams to handle larger volumes of alerts, detect sophisticated threats more quickly and streamline workflows – improving overall response times and operational efficiency.
Another trend Snode Technologies is focused on is the move from traditional threat and vulnerability management to CTEM, something Gartner has emphasised companies should adopt for a more proactive approach to combat breaches.
Gartner states: “Exposure management practices identify and quantify expanding attack surfaces to prioritise cyber threats targeting organisations.”
Using the CTEM approach, companies leverage AI, machine learning, active asset management and SOAR (security orchestration, automation and response).
CTEM is the framework that enables companies to identify critical assets, attack paths, threat intelligence, vulnerabilities and business impact, and prioritise remediation activities, adds Jackson.
He explains that this framework empowers companies to concentrate on mitigating vulnerabilities and blocking attacks before they happen. “When we do the assessments, we would prioritise each of these (assets) to focus on remediation. For example, if you have external facing assets – with a critically exploitable vulnerability, that would be high priority versus if you have an internal facing asset that isn't exposed to the internet; it may also have a critical vulnerability on it but pose a lower threat to your organisation.”
“If we're now mitigating a vulnerability or a threat to our environment that is potentially on an attack path, we would then be effectively blocking those attacks from happening before they happen. So CTEM is much more of a proactive approach to security than a reactive approach, and it focuses really on prioritising assets and prioritising your remediation so that you really are looking at closing the gaps.”
It is important for businesses to identify where these assets are in the context of protection and controls. This involves evaluating the efficiency and effectiveness of the control environment (eg, patching, identity and access management, etc) and understanding the level of governance in place.
“CTEM is a more holistic way of looking at providing protection on critical assets,” Jackson adds.
Snode Technologies provides a CTEM solution by combining its MDR services, vulnerability scanning, asset management (identification and prioritisation), controls evaluation, attack surface management and dark web monitoring.