This article was published by SmartDataCollective.
Everyone wants to leverage machine learning, behavior analytics, and AI-powered tools so IT teams can “up the ante” on their security, but where are we in our evolution toward security automation? What role are emerging technologies playing in security today, and are people still your best asset? Let’s explore the impact of modern advances on cybersecurity.
Today, the security market includes a dizzying array of technology-based products that all make a very bold claim: to automate the collection, correlation, and analysis of everything happening on your network.
But those claims are only partially correct.
Modern technologies are automating the collection and correlation, but not the full analysis. We haven’t crossed the chasm of “dehumanizing” cybersecurity yet. Despite what some might try to sell you, solutions still require a certain level of security knowledge, expertise, and support to work as advertised. Let’s “peel the onion” a little to expose the hype and show where security analysts are still necessary.
In fact, even in the “age of AI,” Masergy advises its customers that talent still represents as much as 50 percent of the success equation.
Uncertainty is a major roadblock in automating cybersecurity. Software developers can only automate what they’re certain about, and there is an enormous amount of uncertainty in the work at hand. For instance, malware programs mask their true nature, so even security professionals are not always 100% sure which activity is “good” and which is “bad.” When the rules aren’t clear-cut, humans are far better at making the necessary judgment call. Thus, it might be a long time before anyone reduces security operations to a standalone machine.
Where does this leave CISOs and their technology investments?
Security leaders should prioritize intelligent data interpretation over simply collecting and pumping more data through computer algorithms. Automation undoubtedly has a place in cybersecurity and warrants the IT spend, but currently its greatest strengths are in its ability to augment existing detection and response efforts by bringing security tools together to assist people. Leveraging emerging technology to accelerate the work of the threat detection team and hasten response is as close to a silver bullet as you’re going to get today. That’s the best approach.
A single question can help security leaders measure the strength of their technology and security service investments:
Is your security solution a force multiplier or a force divider?
Hopefully your investments create more protective force than tasks for your internal team. I have come across countless “solutions” that are good at automating the identification of threats but ultimately create more work for the customer than they actually relieve. And typically this is due to the lack of security expertise available to monitor and manage everything for the given network. The most effective “AI solutions” are the ones that combine people, processes, and technology, which together optimize all security resources as a force multiplier.
Masergy’s managed detection and response solutions combine the latest machine learning and behavior analytics with a team of tenured security analysts to accelerate security processes and decrease dwell time. When you’re looking for a technology-driven solution backed by security professionals and an industry-leading customer experience, call on Masergy.