AI Technologies , AI-Based Cyber Defense/Cyber Offense , Business Developments
Automation 2.0: Measuring Security Decisions in the SOC
Swimlane CISO Michael Lyborg on AI and Transformative Trends in Security OperationsAutomating decision-making in the security operations center strengthens an organization's ability to detect, respond to and mitigate security threats effectively. But the focus has shifted from micro-automation to a unified platform, with emphasis on the importance of measuring key performance indicators over time to assess the effectiveness of security decisions, according to Michael Lyborg, CISO, Swimlane.
See Also: Securing the Data & AI Landscape with DSPM and DDR
Artificial intelligence can complement security automation, but Lyborg advised a cautious approach. "You have to evaluate and assess risk. When it comes to security tooling, there's a lot of sensitive information," he said. "Test it, validate it, train it well and just continuously improve."
In this interview with Information Security Media Group at Black Hat Europe 2023, Lyborg also discussed:
- Consolidating security tools within unified platforms for cost savings and operational efficiency;
- The importance of well-defined processes for automation and understanding the desired outcome;
- The risks associated with integrating AI into security automation;
For more than 15 years, Lyborg has led engineering teams and authored controls, policies, plans and procedures for various compliance certifications, including SOC2, ISO 27001 and CMMC. He has also served as an operations manager for the Marine Forces Special Operations Command, following his service as chief instructor at the Marine Forces Special Operations School and as an infantry leader of the 2nd Marine Division in the U.S. Marine Corps.