Recently, I spoke with Courtney Hughes about the mutually beneficial relationship between machine learning and human intelligence. In the episode, Courtney and I discussed how companies in the security industry too often rely on automation and machine learning to catch threat actors at work. In doing so, they misunderstand one critical factor: cybercrime is perpetuated by a human using technology, social engineering, and other methods to attack their victims. And so, cybersecurity does not address a straightforward technology-only problem.
CIOs and CISOs today face a human adversary with a lucrative business model that is empowered by shared tools such as ransomware. Just recently, we saw adversaries infiltrate an innocent victim to leverage what is typically perceived as a safe and routine technology action – a software upgrade – for nefarious purposes. These threat actors have no scruples about using their tools against the most vulnerable targets...the schools teaching our children, hospitals treating pandemic patients, pharmaceutical companies developing and delivering the vaccine, and so many more.
Controls are only as strong as your end-user is vigilant, as there is always a human on the other side that will work to evade or weave between even the best-intentioned controls. Security experts must be ready to quickly detect and remediate threat actors that evade those controls. This requires the ability to understand how disparate events and alerts fit together into a holistic picture of malicious activity.
To truly beat the adversary at scale, the security community must leverage the relationship between machine learning and human intelligence. Both machines and humans bring different skills and capabilities to the table, and at Secureworks®, we are focused on creating the optimal balance between the two with an integrated platform and flexi ..