Why Unemployed Software developers are a cyber security threat?

uncaptioned
Software exists to make things we want to repeat -- in the exact same manner, time after time -- easy to access. When I press the “W” key, I expect a bunch of pixels to be placed on the screen in the shape of a W. I want this response to occur every time. Letters are then organized into words, then into sentences and then Microsoft Word. All highly stable, repeatable methods that are tried and true, wrapped in a user interface (UI) that makes it easy to access every repeatable routine.
Even the way in which change is made is very slow, thoroughly tested and primarily focused on stability over the speed of change. It is all well and good to enable blue text, but it would be terrible if pressing the keys for a blue W outputted a Z.
None of these aspects describe anything in cybersecurity. Cybersecurity is warfare, strike and counterstrike. It's chaotic and continuously changing.
Products = Stable, repeatable methods

Enterprise = Optimized, stable operations
Cybersecurity = Continuous adaptation
So, why is cybersecurity built as enterprise software, and why is that software placed into operations that require optimized, stable performance? Software developers — that’s why.
The first true virus, the Creeper, was released in 1971 by Bob Thomas. More importantly, that same year, Ray Tomlinson wrote the first cybersecurity product called the Reaper, which killed off the Creeper.
We have been doomed ever since.
A common misunderstanding is that hackers are elicit groups sitting in basements somewhere launching random attacks. The reality is that hacking is a full-time job, as evidenced by the well-financed APT41 group out of China or the Carbanak group out of Spain, which stole over $1 billion. Hackers use a series of tools and active, dynamic processes to constantly infiltrate their targets. Nothing is static; nothing is stable. Everything is in constant flux.
Slow-moving cybersecurity software just doesn't work and can't keep up with soon-to-be full-time, AI-driven hacking efforts.
A Dynamic Solution
To overcome the increasingly sophisticated world of real-time hacking, cybersecurity needs to go from software to service. While many companies tout a “service,” they are still using software, still rolling out slow updates and still placing cybersecurity experts in operations. Cybersecurity experts should never be allowed in operations.
To enable services, the first step is to get cybersecurity out of the enterprise and to move it to a location where the security system can churn and change and not cause issues to operations. This move can be down to the core of an enterprise, or it can be placed around the perimeter (although perimeter defenses are becoming obsolete).
Once these solutions are moved out of the way and can change without disruption, cybersecurity has to move from hard-coded behaviors to dynamic workflows that can be rapidly changed at any time. While dynamic, these same workflows can encapsulate complex remediation steps to empower operators while still keeping the experts out of operations. This approach eliminates the artificially-manufactured need for more cybersecurity experts while enabling scalable protection for rapidly expanding enterprise systems.
Once this foundation has been created, AI can be properly introduced in a manner that is helpful to companies. Using machine learning and AI to help filter noise out of operations while searching for anomalies is not useful for customers. Leveraging AI to automatically remediate issues, deploy those solutions to other vulnerable endpoints and solve issues proactively, at scale, without human intervention? That is the proper use of AI in cybersecurity.

By moving from static enterprise products and their evil software developer overlords to dynamic workflow-based, transparent services, cybersecurity can finally achieve the safe, stable operations that have been its core promise for decades. Until then, enjoy ever-worsening years of hacking.

Comments

Popular posts from this blog

Documentation is Very vital before you develop any system or app

Everything you need to know when developing an on demand service app

Steps followed when creating a new software