The Goldilocks scenario in the economy is similar to the challenges faced in the cybersecurity industry with automation and AI usage in response to cyber threats. Chief strategy officer with Sevco Security, advises on finding the right balance between manual and automated responses, reliance on AI, and centralized versus decentralized management of response systems. While automation has evolved, a hybrid approach is still necessary due to past issues with false positives from automation systems. AI has the potential to relieve analysts of basic tasks, but the question remains on how much autonomy it should have.
AI, though a great tool for security analysts, is not infallible and requires training for specific tasks, much like a calculator for a mathematician. Training data for AI can also be tricky, as not everything that appears malicious is actually a threat. Therefore, experienced analysts are still crucial in the decision-making process. Most organizations prefer to have human oversight in making decisions on threat responses, making a hybrid human/AI approach necessary. Automated threat responses should therefore have a mix of human control and AI’s advanced capabilities.
Organizations must also consider centralized management of hybrid solutions, instead of separate solutions that can add up quickly and complicate basic management and troubleshooting. Hyperautomation systems can help in centralizing the capabilities of various solutions, providing an orchestration platform for working with AI and other automated systems. Decentralized management can involve too many people having access to a response solution, whereas a centralized approach with a small group of experienced individuals can make the process more efficient. The goal is to strike the right balance between manual and automated responses, ensuring that decision-making powers are retained by human analysts.
Implementing a partnership between AI, automation, and human analysts with centralized hyperautomation management can result in a threat response that is just right. While AI and automation can bring speed and efficiency to threat detection and response, human analysts are essential in ensuring that decisions are made accurately. By carefully implementing a hybrid approach, organizations can take advantage of the capabilities of AI and automation, avoiding relying too much on these technologies and striking the right balance in cyber threat response strategies.
