Imagine, if you will, that your job was not in technology as we know it, but rather that you got paid to build Lego sets all day – one specific Lego set, in fact: Han Solo’s spaceship, the Millennium Falcon .
Copyright by www.computerweekly.com
Sure, it might be fun for a few days, but after completing your sixth, seventh or eighth Millennium Falcon, eventually you’re going to get bored out of your skull. Infographic: 5 ways to achieve a risk-based security strategy
Learn five steps for implementing a risk-based security strategy that naturally delivers compliance as a consequence of an improved security posture.
As we snatch 20 minutes to chat during a break at a recent summit on all things digital and cyber, hosted by the Irish government in Dublin , Microsoft’s vice-president of cyber security, Ann Johnson, draws just such an analogy.
“If you think about an SOC [ security operations centre ] admin – they have a brain that needs to be challenged,” she says. “If I keep handing them a Lego kit that always builds the Millennium Falcon, and that’s the only thing they ever get to do, they’re going to get bored eventually.”
So what does this have to do with cyber security, and () in particular? Don’t worry, this wasn’t just an excuse to shoehorn in a Star Wars reference. This is going somewhere.
“We see so much signal, right?” says Johnson. “Too much. And so you need to rationalise all that signal that we see. But when becomes more than , something that reasons and thinks – it will help our analysts work better.
“We have now learned that analysis plus is a much better outcome. It will help them work better, smarter and faster. I talk about the automation of low-level tasks a lot – that’s because I want our humans working on complex stuff for two reasons: number one, they’re better at it; number two, they get bored.”
Let’s pivot back to Lego for a moment. If you give the same Millennium Falcon kits to the to build, the human master builders – or security analysts – can go away and challenge themselves with something new. Perhaps the Tower of Orthanc from Lord of the Rings, the Ghostbusters’ headquarters, or the Shield helicarrier from the Marvel Cinematic Universe.
Or as Johnson puts it: “ actually helps us discern what is a really complex task and what is a really simple task and then, using automated remediation on those simple tasks, we can let the humans work with the on the really complex tasks, and that’s the place we want to be, because then you start getting much better outcomes, you get faster outcomes. […]
0 Comments