Cyber-attacks and data breaches routinely make headlines in the largest publications and broadcasts in the world. Millions have read and watched as news journalists explain exactly what had happened during the Proton Mail attack or the BBC hack. The access and manipulation that can happen when communication outlets are targeted is a very real and dangerous issue.
This issue, however, is complicated by the unique operating environments of these cyber-attack targets. Multiple locations, countless access points and very motivated attackers all contribute to the complex task of network protection. As cyber-attacks become more automated and more sophisticated, the adaptability of security professionals is paramount.
ADAPTING TO AUTOMATION – WITH AUTOMATION
A network environment and all of its branches need to detect threats with high quality in one location and then react in all operating environments. Changes to the affected systems then must be orchestrated quickly and universally. So given these circumstances and what’s on the line, what does the perfect security model look like?
While I can’t opine definitively on which vendor or tactic is best, I have seen the future information security. Network defenses will continue to succumb to the endless barrage of complex attacks and the immeasurable onslaught of new techniques because we can’t keep up. Manual defenses can’t keep up.
The notion of humans deploying detection technologies and choreographed responses like attack mitigation in real time will fall away – because it has to. Human interaction with cyber defense will be better seen for what it currently is, imperfect and unreliable, in the face of attacks that are largely automated and mostly reliable, if not perfect.
The fall of human cyber-defenses will be replaced with the security bots of the future. Okay, perhaps this is an overstatement, because I do have several caveats. I don’t mean the design, the caretaking, or the break-fix of information security will permanently go away, but much of the activities of current security professionals will be overcome by automation.
ARE CYBER-BOT DEFENSES THE ANSWER?
Many of the operational and critical functions of information security as we know them today will be replaced by bots because of the value they deliver. Functions like network and application security, compliance, cyber-attack mitigation, incident response and disaster recovery will no longer be a human task.
A version of this switch to automation has already started in several industries and the technology will exist. Look at stock and equity trading. There are no more people at the NYSE doing trades, because they are too slow, too inaccurate, too emotional and too unpredictable. Bots are also increasingly being used to conduct legal research, to test drugs and even to write blogs.
SHOULD YOU AUTOMATE?
If something is more affordable and perhaps more effective, generally an organization’s preference is to automate – whether that be a computer, a process or a bot. So, what areas are most ripe for quick replacement by bots? Well, that is anyone’s guess but companies are searching all over the startup world for automated solutions to the following security problems:
- Compliance: The days of spreadsheets and attestations give way to portals and self-reporting.
- Security Vulnerability Testing: Vulnerability assessments will not need to be as heavy handed and personalized. These activities cannot only more be automated, but conducted more frequently with better results.
- Incident Response: Today, these processes are wrought with the latency of human interaction. They are vulnerable to fast moving attacks which take advantage of the human decision making loop – this is too slow to keep up with automated attacks.
- Governance: We can picture a day whereby corporate policies are fed into tools which constantly monitor the work environment for violations in an automated fashion
- Security Operations: There is decreasing value associated with people watch detection technology. These roles will find themselves integrated into automation and orchestration software programs which can quickly and automatically react to attacks.
THE FUTURE IS BRIGHT
The future of security is not bleak for the security professional who understands how to put in place this automation and orchestrate and fix white-hat bot problems. However, if you are security “wrench-turner” your wrenches are soon to be pixelated. As costs rise and concerns meet a crescendo, business executives are being met with new technologies designed to handle threats in an ever-increasing automated fashion.
Automated ‘white-hat’ bots will slowly ebb the tide of hiring security professionals. If you strive to excel in the world of modern networks, the faster you migrate to a high quality, agile detection and mitigation environment which can be customized and self-healed, the better for your continued success.
Learn more about cyber-attack detection and trends in the 2016 Global Application and Network Security Report.
Carl is an IT security expert and responsible for Radware’s global security practice. With over a decade of experience, he began his career working at the Pentagon evaluating computer security events affecting daily Air Force operations. Carl also managed critical operational intelligence for computer network attack programs to aid the National Security Council and Secretary of the Air Force with policy and budgetary defense. Carl writes about network security strategy, trends, and implementation.