Skip to main content

Wrong Automation

For those curious about cybersecurity but lacking any practical knowledge of the domain, it is often hard to come across articles that easy to follow along. This one about the myth of workforce shortage in cybersecurity is a good read.

Traditionally, enterprises have treated vulnerability management as a manpower and triage problem. They assembled lists of CVEs that their scans turned up and argued over which ones to patch. Every day the list grew, and every quarter CISOs tried to make the case for additional hires.

Application of data science to this problem has shown that companies can — and do — make meaningful risk reductions with available resources. That's because the small cadre of hackers capable of developing new exploitations are highly likely to follow well-worn patterns. A complete analysis of decades of threat data bears this out.

I wonder if there is another contributing factor to this workforce dilemma. The exploits are carried out by hackers and there is a cult of personality that goes with it. If vulnerability management is automated for the most part then its takes away from the super-powers of the people who are in charge today. It's the fight between good and evil where the personalities behind the stories matter. Reminded me of this very ludicrous movie Swordfish which makes a joke of the world of hacking. Imagine replacing Hugh Jackman with an algorithm - that would be untenable.

Labels

Labels:

Comments

Post a Comment

Popular posts from this blog

Part Liberated Woman

An expat desi friend and I were discussing what it means to return to India when you have cobbled together a life in a foreign country no matter how flawed and imperfect. We have both spent over a decade outside India and have kids who were born abroad and have spent very little time back home. Returning "home" is something a lot of new immigrants like L and myself think about. We want very much for that to be an option because a full assimilation into our country of domicile is likely never going to happen. L has visited India more often than I have and has a much better pulse on what's going on there. For me the strongest drag force working against my desire to return home is my experience of life as a woman in India. I neither want to live that suffocatingly sheltered existence myself nor subject J to it. The freedom, independence and safety I have had in here in suburban America was not even something I knew I could expect to have in India. I never knew what it felt t...
111 comments
Read more

Under Advisement

Recently a desi dude who is more acquaintance less friend called to check in on me. Those who have read this blog before might know that such calls tend to make me anxious. Depending on how far back we go, there are sets of FAQs that I brace myself to answer. The trick is to be sufficiently evasive without being downright offensive - a fine balancing act given the provocative nature of questions involved. I look at these calls as opportunities for building patience and tolerance both of which I seriously lack. Basically, they are very desirous of finding out how I am doing in my personal and professional life to be sure that they have me correctly categorized and filed for future reference. The major buckets appear to be loser, struggling, average, arrived, superstar and uncategorizable. My goal needless to say, is to be in the last bucket - the unknown, unquantifiable and therefore uninteresting entity. Their aim is to pull me into something more tangible. So anyways, the dude in ques...
6 comments
Read more

Changing Pace

This blog has been a big part of my life for the last five years. Besides giving me the opportunity to connect with a number of interesting people and share my thoughts and ideas with them, it has been a form of daily meditation for me. No matter what the day threw my way, I made a very deliberate effort to find a little quiet time to write.The process of thinking about what to write and then the act of writing itself worked as an antidote to aggravations big and small. Five and half years ago, when I started Heartcrossings both my personal and professional lives left a lot to be desired for. The only real happiness I had was in being J's mother. While that was often enough to make me forget what I did not have, I sorely needed a third place to call my own and shape in the likeness of my dreams. This blog has been where there were no limits or constraints and that was absolutely exhilarating - it is the reason I have been able to nurture it for as long and as much as I have. A lot ...
25 comments
Read more