Defeating Cyber Attacks on Your Business Will Require Humans and Automation – Small Business Trends

To defeat cyber crime, humans and robots are going to have to learn to work together. A new McAfee report released today sees a best case scenario where human threat hunters team with automation and machine learning technology to fight back against digital thieves.

The report Disrupting the Disruptors, Art or Science? makes it clear humans acting without help cant deal with the volume of data needed to thwart cyber attacks. It also stresses that one hand washes the other when it comes to the partnership between humans and technology in the fight against cyber attacks.

The new report classifies companies as mature and immature. The immature ones give their human cyber criminal hunters sophisticated tools and data and turn them loose in an ad hoc manner. But as these businesses mature, they come to rely on automation, analytics and other tools and refine their hunting techniques. The survey shows that once these processes are fully intertwined, the companies that are the most mature are more than twice as likely to automate large parts of their cyber crime investigations.

The results are 70 percent of these investigations are closed in a week or less. This compares with a rate of less than 50 percent for companies that havent optimized this balance between humans and machines.

Mo Cashman, Enterprise Architect and Principal Engineer for McAfee makes an important point about not putting the cart before the horse in the companys Threat Hunting Report Executive Summary.

This research highlights an important point: mature organizations think in terms of building capabilities to achieve an outcome and then think of the right technologies and processes to get there. Less mature operations think about acquiring technologies and then the outcome, Cashman writes.

The tools these firms use also vary with their maturity levels. For example, the organizations classified as the most mature are more than three times more likely to consider using various automation tools. These include user behavior analysis, endpoint detection and response as well as sandboxing. As the name suggests, sandboxing is about isolating suspicious programs or code so they can be tested separately without endangering your systems.

Customizing and optimizing also play key roles for the more successful organizations. Security Information and Event Management (SIEM) coupled with custom scripts are just two of the techniques used to automate processes. The human cybercrime fighters working in more mature firms spend 70 percent more time customizing techniques and tools.

The report also underlines the correct use of threat intelligence as another secret sauce to getting the best results.

The processes comes down to combining human judgement and intuition with pattern recognition and speed of automation. The report also stresses that human decision making can make a big difference. It notes successful teams fighting cyber security breaches use a tried and tested process. The Observe, Orient, Decide, and Act template was first documented byU.S. Air Force Colonel John Boyd .

The McAfee report surveyed 700 IT and security experts from firms with 1,000 to more than 5,000 employees worldwide.

Realistically, if you start your business from a laptop on your kitchen table or in the den, you may not have an IT team. But its probably a mistake to believe youll be too small to avoid the notice of cyber criminals.

And after your business has lost important client data, its too late to be thinking what you might have done. One thing the MacAfee survey highlights is the partnership between human judgement and automation.

Even in the early days, look for software and apps that can help you automate some of your security. Youll need to pay attention and update your systems regularly when patches and security improvements become available. Combine human judgement and automation to keep your data safe even when you cant afford an IT team.

Image: McAfee

Read more:

Defeating Cyber Attacks on Your Business Will Require Humans and Automation - Small Business Trends