Security teams are unsurprisingly risk-averse by default, with most adopting the mentality that things cannot be allowed to go wrong. However, this desire for complete control is, in fact, exposing their business to other significant risks, as they risk neglecting new solutions and becoming overwhelmed as a result. The CISO must do away with this mindset to keep pace with today’s cyber-criminals. In fact, it’s time for a ‘risk reset.’
Despite the increasing number of daily alerts and threats organizations face, many still rely on manual processes and controls when managing their security measures. That is why automation plays a vital part in modern cybersecurity. Technologies such as machine learning and artificial intelligence (AI), if implemented correctly, can transform threat monitoring through not just real-time detection of issues but also intelligent automated responses.
Offloading this responsibility to ‘machines’ can be a daunting topic for many CISOs – but it’s one they can no longer ignore. Cyber-criminals have already made the leap to automation, so a critical shift away from this cognitive dissonance and towards embracing automation has become more important than ever.
Now is the Time for CISOs to Change
The challenge is that businesses assume their existing cybersecurity measures are protecting them effectively from everyday threats. According to research from BT, 76% of CISOs rate their organizations’ IT strategy as excellent or good at protecting against cybersecurity threats; however, 84% also say that their organization has suffered data loss or a security incident in the last two years. Clearly, something doesn’t add up. There is evidently a disconnect between the CISO’s mindset and what is actually happening.
So, why are CISOs so reluctant to give up control in favor of automation? They are hesitant for several reasons, but trust is undoubtedly one of the most significant barriers to adopting automation. The idea of machines making decisions, taking control of certain security measures and potentially causing mistakes or interfering with operations can be overwhelming for security leaders.
What’s more, this idea of trust also trickles down to the third-party providers who many turn to for AI adoption. Businesses are unconvinced that these vendors know their organization well enough or understand the intricacies that come with cybersecurity.
Many also get hung up on the idea that they must be ‘all in’ to incorporate automation into cybersecurity efforts. However, this myth that automation must be implemented without human intervention must be debunked. Each company faces different types and levels of threats, depending on the sector it operates in, and automation can be adjusted to create an effective partnership between machine-assisted and human-led decision-making. If done well, this approach will enable AI to learn from the human so that it begins to offer better and even more intelligent decisions – eventually to the point where the human no longer needs to be involved.
So, now is the time for a philosophical shift when it comes to approaching security. With modern cyber-attacks now heavily automated, businesses will not be able to survive without automation.
Enter Artificial Intelligence
Ultimately, automation levels the cybersecurity playing field. The most obvious use case for AI is speeding up and improving the efficiency of mundane security tasks. With vast amounts of data available, it can be hard for security teams to pinpoint the intelligence relevant to their business.
AI-powered automation can help make sense of this, freeing staff time to focus on more pertinent, high-priority threats. This is especially important when you consider that cyber-skills are scarce within many organizations. If a new threat is identified, automation can be used to implement updates and patching to protect networks faster than an attack spreads and minimize its impact.
Better still, and paramount for staying ahead of the threat landscape, AI can go a step further to predict behaviors so businesses can be prepared and react to new threats faster. Contrary to popular belief, it doesn’t require a ‘rip and replace’ either. When done well, automated solutions can be integrated with existing technologies across the security ecosystem so that organizations are able to both optimize their capabilities and identify gaps in their defenses without having to replace existing investments.
Turning the Tide With a Trusted Partner
Organizations struggle to deal with the sheer scale and pace of today’s cyber-threats. Additionally, many security teams are being pushed to their limits. As a result, CISOs must recognize that they can no longer rely on having complete control over their security and require automation to take on the increasing wave of cyber-threats.
The mindset of ‘things can’t go wrong’ means that the significant benefits of new solutions are being ignored due to the risk that adopting them may cause some disruption or the possibility of error. Attempting to avoid all possible risks is counterproductive, as this way of thinking will eventually leave businesses and customers exposed to a barrage of threats. This may not only impact a business’s profit margin but can cause long-lasting damage to a brand’s reputation.
To solve this puzzle, it’s time to look again and bring in a like-minded partner to manage the day-to-day, unlocking a CISO’s time and energy to focus on where they can give their company an edge. In a future, ideal world, organizations won’t have the burden of managing time-consuming and repetitive tasks and can take a more proactive stance toward tackling other, more unpredictable threats. Therefore, a risk reset is vital, and there is no better time to implement change than now.
Steve Benton, CSO, BT Security