Network Security

RiskSecNY: No such thing as 100% automated threat intelligence, says panel

Automation, machine learning and artificial intelligence continue to play a growing role in detecting and diagnosing network threats based on traffic analysis and data feeds, but such technologies still must be complemented by human decision-making in order to be effective, according to a panel session Tuesday at RiskSec NY 2017.

"Supervised machine learning has a lot of promise, but you still need that paired up with human brains to make [your threat data feed] a truly valuable feed for your organization," said Levi Gundert, VP of intelligence and strategy at Recorded Future, asserting that human analysis is necessarily to derive proper context from external reports while weeding out noise and false positives.

"I think human intervention is still required," agreed Charles Kao, global director of information security at fund administration firm Hedgeserv. It's how do we leverage our analysts to focus on the ones that's relevant for the organization, rather than... just having them go through the feeds and not knowing which direction [to go]?"

Human intelligence is also required to determine and communicate parameters for measuring the success of automated, operational threat intelligence, Gundert continued. Companies, can for example, track the number of new firewall and web proxy rules added to their firewall solutions. "But then you also maybe need to think about tracking the efficacy of those rules over time. So how many threats do you actually block with those new rules over time?"

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.