For the last 20 years, spending to solve cybersecurity goals has exploded to more than $100 billion annually. Security vendors tout advances in detection and protection that will provide the relief that has evaded the craft since its formation. The most recently heralded messiahs are machine learning (ML), security orchestration automation and response (SOAR), and artificial intelligence (AI).
For those of us who have been dumping budgets and hope into 20 years of broken promises, we find it very difficult to muster any degree of hope in the next round of techno-salvation. Five years ago, my suspicion turned to outright rebellious indignation and I started evaluating everything I believed to find a better path to sustainable cybersecurity operations (SecOps).
The first error that we made building SecOps is aligning its outcomes with those of information technology (IT). IT is an extension of manufacturing with success defined as the ability to create, ship, store, and transform data and services. Because much of SecOps craft knowledge came from IT, we built philosophies, semantics, and tactics to deliver the outcome of protecting and preserving IT services and data.
After a few decades of struggling to understand recurring and persistent failure in SecOps, the craft has begun to realize that SecOps has very little to do with IT. Instead, SecOps is a component of law enforcement and national security with outcomes demanding punitive actions to cybercriminals.
Another piece of cultural baggage we developed was separating digital life from real life. When users started logging on to the Internet in the 1990s, ..
Support the originator by clicking the read the rest link below.
