What are the biggest challenges facing the cyber security industry in 2017? originally appeared on Quora and was republished by Forbes.
Cybersecurity is defined by its evolving nature. Both sides – the threat actors and the defenders – constantly innovate. In part, it’s why there are so many security vendors with so many products – there’s a lot of ground to cover and new threats appear every day.
I believe the biggest challenge for cybersecurity organizations inside companies large and small results from two megatrends: (1) the exponential growth in data from business systems and the security sensors meant to protect those businesses and (2) the extreme and growing shortage of skilled cybersecurity personnel to analyze and respond to incidents illuminated by this data.
Consequently, the industry’s challenge is to find a way to weave together the information contained in all that data without relying on people to connect all the dots. And while advances in machine learning have shown early promise in organizing and finding anomalies in large data sets, this “alert refinement” only provides incremental gains with respect to this challenge. The same is true of automating or orchestrating actions according to playbooks. What really needs to happen for dramatic gains – and where artificial intelligence can have a real impact – is automating the decision-making, especially for human-challenging tasks. Most of these involve high-volume data streams where the important signals are few and far between.
At my company, Respond Software, meeting this challenge by emulating expert security analyst decision-making and judgment to handle the massive scale and repetitive tasks necessitated by today’s threat landscape is exactly what we aim to do.
I often use an analogy to self-driving cars – cybersecurity is centered around people doing all the decision-making. The challenge for the industry is to think differently about the approach. Instead of relying on machines to assist the human, let’s invert the model and have humans assist the machine. It’s the only way out.
Mike has led several software companies from inception through high growth and to successful IPOs or acquisitions. Mike’s passion for technologies that change how people work is as intense today as it was earlier in his career when he was the first product manager for Pure Software, where he helped lead the company from an early-stage start-up to become a top 10 public software company. A keen interest in IT Security in the early 2000s led Mike to co-found Fortify Software. Fortify defined application security and continues to be the market leader after its acquisition by HPE Security and now Micro Focus. At HPE Security, Mike was the VP and General Manager of the Fortify and ArcSight businesses until he left in 2016 to start Respond Software.