+
EDITOR’S QUESTION
/////////////////
GORAV ARORA,
SOLUTION ARCHITECT
AT THALES
W
ith new threats emerging every
day and explosion of data needed
for analysis, businesses can no
longer have a black and white approach to
cybersecurity when it comes to humans vs.
automation and Artificial Intelligence (AI). It
should not be about which is more effective,
but rather how to utilise the strengths of each
in spotting the vulnerabilities a business has.
AI and automation are already having a
massive impact on cybersecurity. In fact,
with a machine’s ability to analyse large
amounts of data quickly, learn from trends
and detect anomalies in data in real-time,
everything from how we detect, protect,
manage and mitigate threats, will help us to
continue to fight the attackers head on.
However, AI and automation do have their
limitations, such as the reliance on the data
it has been trained with and its inability to
convey new threats to the business. If, at
point of entry or anywhere along the daisy
chain, the data has a mistake or has been
tampered with by an attacker, the error will
continue down the chain and the end results
will be wrong. This is where humans must
ensure that the right security protocols are in
place, with encryption, key management and
device and human authentication to help
mitigate any outside threats.
For humans, our strengths reside in our
ability to be situationally aware. Businesses
should be hiring people that have the
www.intelligentcio.com
“
RATHER THAN
FOCUS ON WHICH
IS BETTER,
BUSINESS
LEADERS SHOULD
BE LOOKING
AT A HYBRID
APPROACH
TO SPOT AND
PREVENT THE
VULNERABILITIES
IN THEIR
COMPANIES.
capabilities to understand the continually
evolving risks facing the company – from
outside threats, to identifying the internal
processes that could be making the
organisation vulnerable. This is particularly
relevant for emerging and developing
threats which AI would not be aware of due
to the lack of data around this.
Humans can also operate as ethical hackers
whose job is to think like cybercriminals
in understanding the vulnerabilities a
business has that a hacker would look
to exploit. Having automation in place
frees up humans to search for signals and
correlations, to be able to focus on the
emerging/novel threats and also gives them
the space to communicate this back to the
rest of the business.
So, rather than focus on which is better,
business leaders should be looking at a
hybrid approach to spot and prevent the
vulnerabilities in their companies. n
INTELLIGENTCIO
35