What Are The Biggest Challenges Facing The Cybersecurity Industry?
What are the biggest challenges facing the cyber security industry in 2017? originally appeared on Quora and republished by Forbes.
Cybersecurity is defined by its evolving nature. Both sides – the threat actors and the defenders – constantly innovate. In part, it’s why there are so many security vendors with so many products – there’s a lot of ground to cover and new threats appear every day.
I believe the biggest challenge for cybersecurity organizations inside companies large and small results from two megatrends: (1) the exponential growth in data from business systems and the security sensors meant to protect those businesses and (2) the extreme and growing shortage of skilled cybersecurity personnel to analyze and respond to incidents illuminated by this data.
Consequently, the industry’s challenge is to find a way to weave together the information contained in all that data without relying on people to connect all the dots. And while advances in machine learning have shown early promise in organizing and finding anomalies in large data sets, this “alert refinement” only provides incremental gains with respect to this challenge. The same is true of automating or orchestrating actions according to playbooks. What really needs to happen for dramatic gains – and where artificial intelligence can have a real impact – is automating the decision-making, especially for human challenging tasks. Most of these involve high-volume data streams where the important signals are far and few between.
At my company, Respond Software, meeting this challenge by emulating expert security analyst decision-making and judgment to handle the massive scale and repetitive tasks necessitated by today’s threat landscape is exactly what we aim to do.
I often use an analogy to self-driving cars – cybersecurity is centered around people doing all the decision-making. The challenge for the industry is to think differently about the approach. Instead of relying on machines to assist the human, let’s invert the model and have humans assist the machine. It’s the only way out.