website/blog: automated versus human #7745
Conversation
❌ Deploy Preview for authentik-storybook failed.
|
|
Images automagically compressed by Calibre's image-actions ✨ Compression reduced images by 42.5%, saving 10.35 KB.
195 images did not require optimisation. |
✅ Deploy Preview for authentik ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
✅ Deploy Preview for authentik ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #7745 +/- ##
==========================================
+ Coverage 92.62% 92.64% +0.02%
==========================================
Files 588 588
Lines 29141 29141
==========================================
+ Hits 26991 26997 +6
+ Misses 2150 2144 -6
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
| --- | ||
|
|
||
| Automated security plays a large and increasingly overarching role in cybersecurity. With the growth of Machine Learning (ML) and Artificial Intelligence (AI), automation is frequently assumed to be the future of cybersecurity as a whole. However, thanks to the work of computer security experts like [Bruce Schneier](https://en.wikipedia.org/wiki/Bruce_Schneier), we've gained insight into the human adversaries that create the underlying problems in cybersecurity. | ||
|
|
There was a problem hiding this comment.
Suggestion:
Automation plays a large and increasingly important role in cybersecurity. Cybersecurity vendors promote their Machine Learning and Artificial Intelligence products as the inevitable future. However, thanks to the work of security experts like Bruce Schneier, we have more insight into the human adversaries that create the underlying risks to network security, and a better understanding of why teaching humans to have a security mindset is the critical first step to keeping your network safe.
|
|
||
| Automated security is such a popular option purely because of the current dynamics: | ||
|
|
||
| - On the one hand, there is a growing number of security incidents, instigated by systematic threat actors who may use the exact same auto security testing tools to find and target weaknesses |
There was a problem hiding this comment.
Question: systematic or systemic?
| - On the one hand, there is a growing number of security incidents, instigated by systematic threat actors who may use the exact same auto security testing tools to find and target weaknesses | ||
| - On the other, there is a shortage of trained cybersecurity professionals with adequate time resources to deal with those threats | ||
|
|
||
| Meanwhile, companies concerned about the security of their networks are facing the demands of savvy insurers keen to reduce their risks in turn, while CISOs are coming under increasing personal pressure, considering some have faced new warnings of personal liabilities (including jail time, as we wrote about in a [recent blog](https://goauthentik.io/blog/2023-11-22-how-we-saved-over-100k#repercussions)) from government legislators. |
There was a problem hiding this comment.
Suggestion: in turn
That's just padding. The text flows better without.
|
|
||
| Meanwhile, companies concerned about the security of their networks are facing the demands of savvy insurers keen to reduce their risks in turn, while CISOs are coming under increasing personal pressure, considering some have faced new warnings of personal liabilities (including jail time, as we wrote about in a [recent blog](https://goauthentik.io/blog/2023-11-22-how-we-saved-over-100k#repercussions)) from government legislators. | ||
|
|
||
| But it's not just a personnel problem. The nature of some cybersecurity approaches, such as penetration testing, also plays a part. Many of a security engineer’s tasks are repetitive and prolonged. Automated security testing means time can be freed up to make the best use of an internal security engineer or external pentester's resources. |
There was a problem hiding this comment.
Question: "Automated" or "Automating"?
"Automating security testing can allow your internal security or penetration testing teams to make better use of their time and resources."
|
|
||
| But it's not just a personnel problem. The nature of some cybersecurity approaches, such as penetration testing, also plays a part. Many of a security engineer’s tasks are repetitive and prolonged. Automated security testing means time can be freed up to make the best use of an internal security engineer or external pentester's resources. | ||
|
|
||
| Finally, it is impossible to deny that securing the perimeter (running regular scans for misconfigurations and unusual behavior) and enforcing robust security policies are all impossible to deploy without some automation. 24/7/365 monitoring, processing massive data sets, and rapid threat detection and remediation all call for significant automated elements. Automated security is also key in helping scale cybersecurity operations to match company, staffing, system, and platform growth. |
There was a problem hiding this comment.
Question: "...are all impossible to deploy..." or "...are all but impossible to deploy..." ?
|
|
||
| ### Human elements of cybersecurity | ||
|
|
||
| Even in a cybersecurity system that is maximally automated, there is human input that can never be removed. Obviously, human experts are needed to guide the automated systems in their functioning. Automation technology depends on humans to set rules and workflows, monitor results over time, and rapidly prioritize then respond to alarming findings. |
There was a problem hiding this comment.
Suggestion: Remove the comma in the first sentence. It flows better.
|
|
||
| Even in a cybersecurity system that is maximally automated, there is human input that can never be removed. Obviously, human experts are needed to guide the automated systems in their functioning. Automation technology depends on humans to set rules and workflows, monitor results over time, and rapidly prioritize then respond to alarming findings. | ||
|
|
||
| Once new and significant threats are detached by the automated security, it is human experts again who have to adjust the performance of the automated system as a response to this changing environment. Any further changes need humans to evaluate the performance of automated systems in real-time. Finally, it is humans who train staff in cyber threat detection for these new dangers. |
There was a problem hiding this comment.
Typo! s/detached/detected/
|
|
||
| ### Human-centered cybersecurity | ||
|
|
||
| Despite the growing technology around automated security, and the temptation to relax when it is deployed, there are human factors that are irreplaceable in the practice of cybersecurity. We recently wrote about the importance of the “Blue Team” and how [organizational and product hardening](https://goauthentik.io/blog/2023-11-22-how-we-saved-over-100k#hardening) are an integral part of our human-centered security mindset. |
There was a problem hiding this comment.
Suggestion: Remove the first comma. "Despite the growing technology around automated security and the temptation to relax when it is deployed..." Make the temptation to relax an intrinsically bad idea that's somewhat natural when deploying automation.
|
|
||
| Despite the growing technology around automated security, and the temptation to relax when it is deployed, there are human factors that are irreplaceable in the practice of cybersecurity. We recently wrote about the importance of the “Blue Team” and how [organizational and product hardening](https://goauthentik.io/blog/2023-11-22-how-we-saved-over-100k#hardening) are an integral part of our human-centered security mindset. | ||
|
|
||
| - The human ability to think creatively and rapidly adapt to changing situations are invaluable to good security processes. |
There was a problem hiding this comment.
Hmm. There's a singular/plural problem here. Maybe "abilities," since you list two? Or "ability to think creatively and adapt rapidly to changing situations...?"
There was a problem hiding this comment.
oooff good catch thanks!
| Despite the growing technology around automated security, and the temptation to relax when it is deployed, there are human factors that are irreplaceable in the practice of cybersecurity. We recently wrote about the importance of the “Blue Team” and how [organizational and product hardening](https://goauthentik.io/blog/2023-11-22-how-we-saved-over-100k#hardening) are an integral part of our human-centered security mindset. | ||
|
|
||
| - The human ability to think creatively and rapidly adapt to changing situations are invaluable to good security processes. | ||
| - The higher the security risk, the more related processes must be supervised by skilled security professionals. |
There was a problem hiding this comment.
This is a humans-first essay, so, uh, let's put the humans first: "The higher the security risk, the more you need skilled security professionals to supervise the security process."
This week's blog ready for review and approval.
make website)