Page 45 - index
P. 45
“Man Over Machine”
Brian Beyer, co-founder and CEO, Red Canary
When faced with an emerging threat or visibility gap, we in the security industry have a
tendency to look first to hardware and software for a solution. Humans at this point seem to be
an afterthought in the data security wars.
This machine-first trend is clearly visible in the marketing material for many new and well-
established products and services that promise full solutions in a box, even in the fact of very
dynamic and varied environments.
Often, these providers attempt to be everything to everyone, with a veiled implication of the
proverbial “silver bullet” to anyone’s security problems.
It’s true that researchers are making impressive advancements in machine learning, artificial
intelligence, and similar technologies from the science fiction of recent past.
But this approach also introduced the disturbing practice of over-alerting from many security
vendors. They often err on the side of caution, which minimizes the chances of an actual
malicious event going un-alerted.
The market trend toward these ends is visible today. However, it is a deeply flawed one
because such solutions ignore the simple reality that our attackers are humans - and 200,000
years of human history has shown us that we’re pretty good at adapting to survive impediments
in our path.
Consider that the commercialization of any technology-based solution takes a lot of time - a
period during which the attackers are advancing as well.
As we’ve seen with the rise and fall of Antivirus, signature-based intrusion detection, and other
protective solutions, even a low-grade attacker can easily thwart such solutions soon after
deployment.
Another way to look at this comes not from the information security sphere, but the world of
competitive chess. After the famous “man vs. machine” matches came the concept of
“Advanced Chess,” which demonstrates that even a moderately-skilled human paired with a
computer gains a tremendous strategic and tactical advantage over a supercomputer alone.
There is some integral notion of human intuition that cannot be modeled. Of Advanced Chess,
Indian grandmaster Viswanathan Anand said:
“I think in general people tend to overestimate the importance of the computer in the
competitions. You can do a lot of things with the computer but you still have to play good
chess.”
45 Cyber Warnings E-Magazine – May 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
