At the inaugural International Cyber Expo, The Guru team got the opportunity to chat with Chris Roberts, Business Development at Fortinet to better understand how the cybersecurity industry is using automation, whether there will come a point where human intervention is needed as well as hearing how it is helping security teams during the current skills shortage.
For Roberts, automation has helped the cybersecurity industry immensely, both in terms of the technology and solutions that have spawned from its arrival but also in alleviating some of the strain placed on organisations.
With the lack of skilled people within our industry, with automation, you can address issues 24/7. Automation is helping the cyber industry enhance and distribute threat intelligence quicker than ever before.
When speaking with customers, the need for better and quicker intelligence to lower their time to detect a threat is key and we want to get this as low as possible. This will in turn reduce their time to remediate metrics. We are seeing the productivity of threat actors rapidly increasing – for instance we are seeing double the number of ransomware attacks, so we want customers to protect their data and improve their detection and response times and automation is helping us achieve that.
There is a lot of value in automation, and I think organisations are starting to realise that across all verticals. We will see a large increase in automation as we progress through the next 12 to 24 months.
With that said, Roberts believes automation is only part of the answer when tackling modern threats seen today and explains how Fortinet has been harnessing its capabilities to remove mundane tasks.
We [Fortinet] have automated the distribution of the latest indicators of compromise (IOCs) and saved a load of time for the SOC analysts to ultimately allow them to do more interesting threat hunting activities. So, they get less bored. They don’t wake up getting excited about firewalls etc.
These individuals get excited about examining the latest behavioral movements of an ATP or malware. We are seeing huge rises in Ransomware as a Service where for less than a couple hundred dollars threat actors can get their own customisable malware service kit. Also, bug bounties are happening in this underworld whereby ransomware groups are offering bug bounties for their ransomware threats. It has become a fully-fledged industry now.
So yes, automation is great in helping to tackle the difficult fight against the latest security threats.
Yet, with this new reliance on Automation, is there a real risk that human intervention could be replaced entirely, and jobs being lost? Industry professionals surveyed felt that by 2030, AI would replace humans in cybersecurity…
At the moment, no, but who can predict the future. Right now, automation is there to add value. Whenever I talk to customers the first thing, I say is we are not talking about automation to replace people. We are talking about utilising automation to remove boring mundane tasks. By taking these away, we enable your employees to have more time to train and elevate themselves by allowing them to concentrate on threat hunting or project related work. This ultimately creates more value to the organisation by removing the incredibly boring work that no one wants to do.
There will always be a critical place for a human within cybersecurity and to be part of the process.
The conversation then steered to how the industry can close the skills gap and how everyday people can play their part in improving cyber hygiene. Robert’s claimed that it is everybody’s responsibility whether they like it or not to participate in cyber hygiene.
Everyone has an opportunity to improve their own understanding. As a result, it will make their use of technology more enjoyable, pleasurable and will probably have a lower level of fear when using these devices because of the raised cyber hygiene knowledge. This will then have a positive knock-on effect on industry as there should be less devices in use that are at risk of compromise – whether that be botnets, RATs etc.
During the pandemic, Fortinet announced that our training material would be made free of charge allowing members of the public the opportunity to improve their cybersecurity awareness. Signing up was free and it was great for families to give them a level of understanding that would benefit them now and in the future.
Bringing an end to the discussion, Robert’s has no doubt that automation is here to stay with its impact on the cybersecurity industry being more than noticeable in helping in the fight against cybercrime. Roberts believes more can be done, especially by the everyday person, to take responsibility upon themselves to improve their own cyber hygiene. However, to say that cybersecurity can totally depend on technology without human intervention is too bold to say. Instead, striking a balance between human expertise and automation will be the desired combination in years to come for successful cybersecurity.