It can certainly be said that advances in technology have had a huge impact on cybersecurity in recent years. It was once the case that cybersecurity technology consisted of little more than a firewall and antivirus software. Today, we see a changed landscape of managed services, constant monitoring, and instant analysis.
Given the rate of change in technology, you may consider human input in cybersecurity to be something that perhaps isn't as necessary as it once was. In this article, we take a look at the role of humans in cybersecurity to see whether we are still vital to the cause or whether it can now be left to software and machines.
Some might say that the human in cybersecurity is diminished. As a simple example, consider the idea of passwords. It was once the case that passwords were a cornerstone of the role of humans in cybersecurity. You would choose a password that only you knew, and without that password, no one could get access to your account.
Of course, the idea of the password is still there, but as cybercriminals have become adept at "cracking" passwords via the use of software, there has had to be an advance in technology to deal with the issue. And it didn't take very long for solutions to become available.
One of the first was the storage of passwords by internet browsers. Now, instead of having to remember all of your passwords, you simply need to set a strong password (which will be much harder to hack) and your browser will remember it for you. This went a step further with the rise of profiles, such as Google Accounts, which can remember passwords across multiple devices.
There is also the idea of password management software. This essentially fulfills the same role as a Google Account, with all of your passwords stored for you. However, password managers are independent software and can be used with any kind of device. With technology like this, there's no real need for human input at all. Software could auto-generate a password for you, and remember it, so you would never even know the password you use to login.
The issue of passwords is just one example, but in fact, there are many ways that technology has superseded humans in cybersecurity roles. Utilizing advances in artificial intelligence (AI) and machine learning (ML), cybersecurity technology is now able to provide services such as 24/7 monitoring and constant analysis in a way that is simply impractical for human cybersecurity staff.
So, does this mean that you can get rid of your security staff and leave it all to the software? Well, it's not quite as simple as that. Yes, these advances have meant huge changes for the way that InfoSec operates, there are still many things that can only be managed with human input.
Cybersecurity technology is very good at certain things: analyzing data for patterns, noticing irregularities, and monitoring incoming traffic instantly. However, cybersecurity technology is well-known for providing a great number of "false positive" results.
Cybersecurity technology can only look at the data it is presented with and apply its logic to it. This creates the situation where it might believe there is suspicious activity, but in reality nothing is occurring. It is typically the role of human cybersecurity staff to monitor the alerts provided by the software to determine if any of them are genuine attacks.
We can clearly see then that there is synergy here. Cybersecurity technology does a job that would be extremely arduous and time consuming for humans, and it does it without the capacity for human error. This has the big advantage of freeing a significant amount of time for human staff members.
Instead of having to trawl through massive amounts of data looking for anomalies. Humans are freed up to conduct more valuable work, which might include providing training to other members of the team, conducting manual research into cybersecurity trends, or updating software with new patches that fix known errors.
Cybersecurity is still very much an issue of work divided between software and human staff. There are many things that software and advances in technology can do that would be virtually impossible for humans. However, there are also things that software cannot carry out itself.
There are tasks such as penetration testing. This is a form of assessment where cybersecurity professionals use tools, techniques, and procedures (TTPs) used by criminal hackers, such as phishing, SQL injection, brute force, and deployment of custom malware. Pentesting is specifically designed to emulate the strategy and methods of human attackers; that is something that only humans can do.
Of course, there are many examples of things that humans bring to cybersecurity, and the reality is that they typically run harmoniously with the work of cybersecurity technology. It seems that despite incredible advances in cybersecurity tech, we will certainly still be seeing humans in cybersecurity roles for the long term.