Bots Change Security

Security for the enterprise is in a transition, from the era of on-premises products and managed services, to an era where security bots - using robotic process automation - will automate many task-oriented activities of security. This includes many of the tedious day-to-day operations and tasks associated with end-point protections, firewalls, intrusion detection, email content filtering, web-application security testing, and vulnerability scanning among many others that will be handled by security Bots.

Not limited to defend, detect, respond and recover; security Bots will be used to automate process that identify and protect as well, The reason? It's far more accurate, consistent and less expensive for security bots to enumerate assets, flag inconsistencies, and rectify or remediate issues; with less, little, and eventually no human intervention.

There seems little to stop their adoption, and many compelling reasons to use them. They are cheaper to use than humans. Their use resolves an age-old conflict of interest between IT operations that is rewarded for keeping services running at all times, security be danged. Security on the other hand focuses on risk, and is rewarded to scream FIRE to save assets, lives and livelihoods. The use of security bots also resolves an issue of who controls them, or their use should at least. But their uses are not without some drawbacks.

Some claim the use of security bots have drawbacks include operational glitches, heightened risks, and the loss of jobs.

Operational glitches occur with any new technology. These will be overcome, but for security enterprise uses will want to be tested - at least enough - for assurance that far-edge cases are understood and have several layers of backup / compensating controls, as with most sound security programs. A loss of jobs is going to occur, but it will be the tedious task oriented, turn-the-crank router, SIEM, firewall, and AV product jockey skills that will be replaced: just in time for the era of advanced data pattern matching and analytics. The product jockeys will be forced to up-skill.  The heightened risks are another matter.

Should we be worried about an invasion of the security Bots? Are the heightened risks worth worrying about? I guess a few adverse possibilities would include:

  • Rogue Security Bots
  • Neutered Security Bots
  • Incomplete Security Bots

Rogue security bots are the sci-fi fantasy of the AI-enabled bot taking control away from humans. Bots only do what they are allowed and permitted, at least for the time being: they really are dumb security bots. Until such time as cognitive systems become real and there is a crossover between machine cognition and its ability to control dumb security bots, then we should probably not worry about this. Will the time come when we should? Possibly.

Neutered Security Bots is a scenario that is all-too-possible. It is one where cyber-attackers implant their own code to hijack notifications and logs that worries me. In this scenario, it is possible to have security bots deployed doing their jobs and we never know they've been compromised. The worst case situation in this scenario is neutered security bots run until discovered, if ever.

Incomplete Security Bots are also a likely scenario, one where security bot programming is incomplete, the process changes and needs to be adapted, or where process workflows are incomplete. Incomplete security bots are probably more likely than Neutered security bots, at least until their programming is corrected. The risks from incomplete security bots is likely to be less than those posed by Neutered or Rogue security bots.

 

 

Leave a Reply

You must be logged in to post a comment.

Featured Research

Spend on Security

Is your organization underspending on information security? If you’re like most, spending on information security lags far behind other priorities. Only during the past few years has spend on information security started to increase, but it still lags behind. In this Research Report, Wellington summarizes findings from research conducted with thousands of organizations to highlight

The Wizards of Tech

Find out how the unspoken issues of culture, incentives, business strategy, and people impact your life, and the utility of the technology products and services you rely on to operate your business. Download the full report – The Wizards of Tech – today!