Masha Sedova, co-founder at Elevate Security, talks with Lisa Martin at the 7th Annual CloudNOW Awards from Facebook headquarters in Menlo Park, CA.
#theCUBE #ElevateSecurity #CloudNOW
https://siliconangle.com/2019/02/08/software-trains-away-human-slips-implied-in-95-of-security-breaches-topwomenincloud-startupoftheweek/
Software trains away the human slips implied in 95% of security breaches
Cybersecurity is in a pretty scary state. The news is a steady cycle of menacing headlines: Look at this fresh hell hackers are visiting on enterprises.
The Hail Mary of security teams is artificial intelligence and automation. Enterprises hope AI will patch the skills gap expected to leave 1.8 million jobs unfilled by 2020. The problem is, hackers are getting good at AI too — really good.
What about people in organizations — both security pros and non-pros? What percentage of their brains are they devoting to security? Perhaps they can crank out a little extra defense power to catch and remediate threats.
People in security often repeat the truism that the human will always be the weakest link. Mistakes and slips will happen, again and again. There isn’t any way to change the occasional carelessness that comes with being mortal, they say.
“I personally never believed that,” said Masha Sedova (pictured), co-founder and chief executive officer of Elevate Security Inc.
The number of breaches that humans fumble, trip or slip into is too high not to warrant inspection. “Something like 95 percent have a human error related to it,” she said.
Must we bow our heads and live with the disgrace? Or can people learn consistent security posture and procedures that cut down on slips and overall breaches?
Sedova spoke with Lisa Martin, host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the CloudNOW “Top Women in Cloud” Innovation Awards event in Menlo Park, California. They discussed how learnable behaviors can improve security and why tech alone won’t never be enough.
Attitude adjustment
People can indeed reduce the number of dangerous slips they make, according to Sedova. To do so, they need to change their attitude toward security.
“What would it look like if people wanted to do security instead of had to? What would it look like if people were champions for security not because we made them do it, but because each of us were invested in it?” Sedova asked.
Then security is not an add-on that those people in the security room worry about. It is something security pros and everyone else know about. And they can skillfully prevent and handle threats through good security behavior day in, day out, Sedova pointed out.
Treating human behavior as a tunable anti-threat device is the basis of Elevate, which Sedova co-founded a couple of years ago. “I took a step back from my computer-science and computer-security background and dove into the field of behavioral science, positive psychology, and game design and started exploring how people think and how we make decisions to see if I can start applying that to security.”
AI and automation — final solution or temporary fad?
Security folks that believe human error is ineradicable usually see improved technology as the best defense. The threat landscape is constantly shifting; the way to respond is with innovative technologies that fight new attack types.
The security tech du jour is automation and AI. Twenty-five percent of 4,000 security and IT professionals surveyed use AI and machine learning for security, according to a Ponemon Institute research report from last September. Another 26 percent had plans to implement it, and 63 percent felt it would increase effectiveness of security teams.
In parallel, new types of threats often involve hackers using AI and machine learning to breach targets.
“The more we use AI in security, the more the bad guys will use it as well to create an arms war,” said Michael Fauscette, chief research officer at G2 Crowd Inc., as quoted by SiliconANGLE, which aggregates reviews of business software. “The only thing you can do is keep current, do everything you can possibly do, and then do more.”
Vendors are selling automation to enterprises as invisible hands to detect, and even remediate, threats for them. Early detection and automated blocking can handle a vast number of threats, Terry Ramos, vice president of business development at Palo Alto Networks Inc., recently told theCUBE.
...
“If we look at the human element — why we make mistakes and how we let ourselves learn from them and make … better choices — we can actually move the needle in a really significant way,” she concluded
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
CloudNOW Top Women in Cloud Innovation Awards 2019 | Menlo Park. If you don’t think you received an email check your
spam folder.
Sign in to CloudNOW Top Women in Cloud Innovation Awards 2019 | Menlo Park.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For CloudNOW Top Women in Cloud Innovation Awards 2019 | Menlo Park
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for CloudNOW Top Women in Cloud Innovation Awards 2019 | Menlo Park.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
CloudNOW Top Women in Cloud Innovation Awards 2019 | Menlo Park. If you don’t think you received an email check your
spam folder.
Sign in to CloudNOW Top Women in Cloud Innovation Awards 2019 | Menlo Park.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to CloudNOW Top Women in Cloud Innovation Awards 2019 | Menlo Park
Please sign in with LinkedIn to continue to CloudNOW Top Women in Cloud Innovation Awards 2019 | Menlo Park. Signing in with LinkedIn ensures a professional environment.
Masha Sedova, co-founder at Elevate Security, talks with Lisa Martin at the 7th Annual CloudNOW Awards from Facebook headquarters in Menlo Park, CA.
#theCUBE #ElevateSecurity #CloudNOW
https://siliconangle.com/2019/02/08/software-trains-away-human-slips-implied-in-95-of-security-breaches-topwomenincloud-startupoftheweek/
Software trains away the human slips implied in 95% of security breaches
Cybersecurity is in a pretty scary state. The news is a steady cycle of menacing headlines: Look at this fresh hell hackers are visiting on enterprises.
The Hail Mary of security teams is artificial intelligence and automation. Enterprises hope AI will patch the skills gap expected to leave 1.8 million jobs unfilled by 2020. The problem is, hackers are getting good at AI too — really good.
What about people in organizations — both security pros and non-pros? What percentage of their brains are they devoting to security? Perhaps they can crank out a little extra defense power to catch and remediate threats.
People in security often repeat the truism that the human will always be the weakest link. Mistakes and slips will happen, again and again. There isn’t any way to change the occasional carelessness that comes with being mortal, they say.
“I personally never believed that,” said Masha Sedova (pictured), co-founder and chief executive officer of Elevate Security Inc.
The number of breaches that humans fumble, trip or slip into is too high not to warrant inspection. “Something like 95 percent have a human error related to it,” she said.
Must we bow our heads and live with the disgrace? Or can people learn consistent security posture and procedures that cut down on slips and overall breaches?
Sedova spoke with Lisa Martin, host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the CloudNOW “Top Women in Cloud” Innovation Awards event in Menlo Park, California. They discussed how learnable behaviors can improve security and why tech alone won’t never be enough.
Attitude adjustment
People can indeed reduce the number of dangerous slips they make, according to Sedova. To do so, they need to change their attitude toward security.
“What would it look like if people wanted to do security instead of had to? What would it look like if people were champions for security not because we made them do it, but because each of us were invested in it?” Sedova asked.
Then security is not an add-on that those people in the security room worry about. It is something security pros and everyone else know about. And they can skillfully prevent and handle threats through good security behavior day in, day out, Sedova pointed out.
Treating human behavior as a tunable anti-threat device is the basis of Elevate, which Sedova co-founded a couple of years ago. “I took a step back from my computer-science and computer-security background and dove into the field of behavioral science, positive psychology, and game design and started exploring how people think and how we make decisions to see if I can start applying that to security.”
AI and automation — final solution or temporary fad?
Security folks that believe human error is ineradicable usually see improved technology as the best defense. The threat landscape is constantly shifting; the way to respond is with innovative technologies that fight new attack types.
The security tech du jour is automation and AI. Twenty-five percent of 4,000 security and IT professionals surveyed use AI and machine learning for security, according to a Ponemon Institute research report from last September. Another 26 percent had plans to implement it, and 63 percent felt it would increase effectiveness of security teams.
In parallel, new types of threats often involve hackers using AI and machine learning to breach targets.
“The more we use AI in security, the more the bad guys will use it as well to create an arms war,” said Michael Fauscette, chief research officer at G2 Crowd Inc., as quoted by SiliconANGLE, which aggregates reviews of business software. “The only thing you can do is keep current, do everything you can possibly do, and then do more.”
Vendors are selling automation to enterprises as invisible hands to detect, and even remediate, threats for them. Early detection and automated blocking can handle a vast number of threats, Terry Ramos, vice president of business development at Palo Alto Networks Inc., recently told theCUBE.
...
“If we look at the human element — why we make mistakes and how we let ourselves learn from them and make … better choices — we can actually move the needle in a really significant way,” she concluded
