Many discussions of the human element in cybersecurity center on human fallibility and error. From misconfigurations to selecting weak passwords to phishing emails, user errors play a visible role in cybersecurity incidents. It is important to remember, however, that businesses largely depend on human skills and expertise to thwart cyberattacks.
Yet recent technological developments, particularly in the field of artificial intelligence, have called into question the future of this reliance on the human element in cybersecurity. Is human intervention even necessary in a world of advanced and automated AI-based security solutions? Here’s why the human element still matters.
According to a 2021 survey of 500 IT managers, 32% of respondents believe that AI will completely automate all cybersecurity tasks, with little human intervention. This perception of less human importance in cybersecurity likely stems from the rapid and continued advances in AI. At the heart of the problem is the belief that AI will automate and thus replace everything humans can do.
The discipline of cybersecurity has benefited enormously from these technological developments, with examples such as:
- Attack surface management solutions that now almost completely automate the once human-dependent and daunting task of mapping and monitoring the various points in a system or network where attackers can penetrate.
- Email security solutions are increasingly leveraging AI to detect and block phishing emails, potentially eliminating any need for ongoing user training and awareness as the tools become more granular.
- Security, orchestration, automation, and response (SOAR) tools use AI to automate many tasks for security operations teams.
The emergence of amazing language models like ChatGPT-3 and comments about its societal impact have naturally fueled new concerns in many industries about job security in the face of this sophistication. After all, ChatGPT effortlessly finds security holes in code and even writes scripts for common security tasks. It’s not too difficult to imagine an improved future model that performs a host of useful cybersecurity tasks at a speed and scale unmatched by humans.
In an already tight labor market for talent, an additional concern here is that people might feel deterred from considering careers in cybersecurity if common roles are seen as susceptible to being replaced by AI.
Technology increases safety skills
A better way to frame technology is that it increases the security skills available in organizations. The role of the cybersecurity analyst may change as technology evolves, but this role will not be redundant. Here are some examples of how the technology is streamlining security tasks and workflows:
Security Operations Centers
Faced with IT ecosystems filled with thousands of daily events, security operations teams must determine what is malicious and what to ignore. Dedicated SIEM solutions collect and correlate data from tons of different logs, tools, and other sources, but even this level of automation still comes with the task of deciding which alerts to prioritize and which are false positives. Here, automation replaced manual data collection and analysis, but it didn’t make human input redundant.
To go further, let’s look at the emergence of security, orchestration, automation and response (SOAR) tools in recent years. These tools add an extra layer of automation to security operations centers by creating automated workflow playbooks based on alert data. The result is that human security analysts can now react faster and more effectively to real threats by automating the manual and time-consuming tasks involved in incident triage.
Supply Chain Risk Management Software
Managing software supply chain risk is an increasingly important challenge in managing security risks from external sources in your applications. Modern applications are deployed on a virtualized infrastructure and composed of proprietary and open source code. Manually tracking and securing components in all enterprise-deployed applications is no small feat.
Fortunately, automated solutions like software composition analysis (SCA) help security teams identify and track open source components in their code. SCA makes it easier for security teams and developers to remediate software supply chain risks related to vulnerable code artifacts.
The uniqueness of the human spirit
So what do people bring to the table that technology doesn’t?
The commercial understanding people have of machine learning models and other advanced technologies makes them unlikely to be replaced anytime soon. Humans have in-depth knowledge of the nuances of their business, the interaction between people and technology, the level of cybersecurity awareness, the regulatory environment, and the overall strategic goals of the business. This knowledge plays a central role in any comprehensive cybersecurity program; it’s not enough to detect threats faster or automate more tasks.
Descriptions of creative thinking often use the metaphor “thinking outside the box”. Cyber analysts need this capability to identify new, unforeseen threats or develop new ways to overcome security challenges. Penetration testers need these skills to try out a host of different unconventional attack methods.
When considering the creative abilities of the AI, it is important to note that its creativity is limited to “inside the box”. In other words, AI systems can only think creatively based on the data they were trained on. Humans do not have this constraint on their creativity.
Emotional and psychological intelligence
While many cyberattacks use the help of tools, botnets, and algorithms, behind these operations ultimately lies a human threat actor(s). Predicting, understanding, and modeling cyber threats must always consider the motivations that guide cybercriminal behaviors in addition to the psychological flaws that make human users vulnerable to errors that allow hackers to enter. This emotional and psychological intelligence required for cybersecurity makes human input a necessary component. puzzle.
Humans are here to stay!
The fear of technological progress making human skills superfluous has long-standing roots in the human psyche. Ever since machines began to replace people in the industrial age, new technological improvements have raised both concern and optimism.
The argument here is that the human element in cybersecurity remains vital and will remain so for the foreseeable future. AI and technology will change the roles of security as they free up resources from menial or repetitive tasks to more value-driven production. But it will be an augmentation rather than a replacement.
Any further reduction in the talent pool driven by concerns about the feasibility of cybersecurity as a career path will lead to increased demand and need for outsourced and managed security services. If your business is currently struggling to meet its internal cybersecurity needs, Nuspire’s suite of managed services includes managed detection and response, vulnerability management services, and consulting. Contact us today to learn more about how we work to be an extension of your team.
The post Cybersecurity: It’s More Than Technology – The Human Element Matters Too appeared first on Nuspire.
*** This is a Nuspire Security Bloggers Network syndicated blog written by the Nuspire team. Read the original post at: https://www.nuspire.com/blog/cybersecurity-its-more-than-just-technology-the-human-element-matters-too/