Context is the mortar and AI are the bricks that stand up the new cyber platform
Thanks for putting your vision on the future of security into words, Tyler! Very interesting read.
What you are describing sounds like the security holy grail to me: see across the whole environment, find the issues, prioritise, get to the root cause and finally fix them automatically.
That sounds really great!
Then I use Copilot/ChatGPT in my daily work, and find myself arguing with it about some obscure (in the best case) or obvious thing it missed, which changes the whole dynamic of an issue.
Maybe the tool is good and I’m just using it wrong. Maybe we’re on a power law with AI capabilities and I’m not able to extrapolate well. I’m not sure.
To be clear, I’m not arguing AI/LLMs aren’t going to be the thing in cybersecurity for the next few years. But what you’re describing does seem like a lot to ask of it.
Especially with how it seems to have the tendency to be right in 90% of the cases, but spectacularly wrong in 10% of the cases.
Instead, I think it’s an additional tool in our arsenal, to be used on top of our other tooling. We have potential security issues where we don’t have any context (for example: a code linter looking at string concatenation in SQL queries), where the fix is so cheap/quick/easy, it is a no-brainer.
I wouldn’t start relying on a finicky AI, if I have a stupid tool which works consistently in 100% of the cases.
So anyway, this comment turned out to be a “right tool for the job” manifest… :-) I’m excited to see what the future holds!
Couldn’t agree more. A new standard will need to emerge. Elimination of AuditBias requires a standard like the Zerobias - cyber, digital & risk assessment standard. https://www.linkedin.com/groups/14345270
I enjoyed this post. I feel optimistic that Microsoft's Security Copilot may end up being a good example of some of the progression you've highlighted here.
Ant Group, a Chinese financial technology company, is developing a framework called Aspect-Oriented Security, and it plays a role in many real network environments to provide enterprises with unique and accurate contextual information for security observations. It seems that everyone is moving towards the same cybersecurity architecture goal. Hope to discuss it with you all. email@example.com