2018-07-26
高失业率固然不是什么好事,但接近0%的行业失业率也不是件好事。极低或零失业率意味着:没有足够的网络安全专家填补职位空缺;对现有人才的需求旺盛,造成薪资上涨和较高的人才流失率;组织更有可能雇用技能不足的员工。这正是网络安全领域的现状,而且不太可能很快得到好转--到2019年全球预计将有超过150万个职位空缺。
无论组织如何努力,他们将无法聘请足够的大学毕业生、招聘足够的技术专业人员或者对现有员工进行再培训以减轻这种短缺。但他们可以采用另一种方法:认知计算(学习,思考和与人类交互的系统)。通过使用人工智能、机器学习、高级分析技术和自动化等认知技术,组织可以提高现有员工的生产力并优化支持流程来解决人才短缺问题。
道理很简单:认知计算可以使组织更好地利用网络安全人才的时间和技能,并提高安全性。员工不必再花费大量时间响应潜在威胁或普通管理任务,他们可以聚焦于主动安全和复杂的调查。
例如,认知技术可以通过改进组织的工作流程来解决人才短缺问题。一家领先的投资公司指出,通过实现日常活动的自动化,之前耗费网络专家约40分钟的任务现在可以在40秒内完成,分析师的生产力提高了三倍。这就是自动化的价值:在时间和人才已经不足的情况下,不需花太多的时间在普通任务上。
除了节省时间,它还能省钱。最近的一项研究发现,组织每年花费大约21万小时调查误报,每年的平均成本为130万美元。这些警报可以由认知系统来处理,只有在需要进行更多调查时认知系统才会通知网络安全人员。
自动化才刚刚开始。其更强大的应用之一是使用高级分析。这种技术使用超级计算机处理能力来筛选大量数据,以识别行为模式、恶意代码和不明显的网络异常。这可以帮助网络专业人士预测威胁最有可能发生的地方,然后在威胁发生之前予以阻止。
我们以一个大型有线和互联网服务提供商为例,该提供商每天接收超过50万个网络安全警报。它部署了一个行为分析应用程序,允许分析师设定基准网络活动,识别和关联安全警报,以隔离最具威胁性的警报并改进安全阈值。结果是:六个月后,该提供商的警报减少了99.8%,其网络安全专家可以将精力放在最高优先级的警报上。
行为分析的应用是无止境的。银行可以使用这种技术来识别偏离个人用户典型行为的可疑在线账户活动,从而阻止盗用、欺诈或进一步的网络渗透。网络安全公司可以使用行为分析来检测新病毒或未知攻击,并在损坏发生之前阻止恶意行为,从而以机器速度进行响应。
行为分析是认知技术对网络安全的最大贡献之一,因为它允许组织采取主动的方法。从大量网络流量中筛选异常行为的能力是一个巨大的安全优势。能够预测威胁最有可能发生的地方,然后在威胁发生之前阻止它们,从根本上改变安全态势。
认知技术解决网络安全人才短缺的另一种方法是帮助减少人才流失(员工对工作感到不满意会导致人才流失)。典型的工作日充斥着无休止的、不具有挑战性的任务或活动,这会导致员工另寻高就。根据人力资源管理协会的报告,48%的员工认为工作本身对工作满意度至关重要。
自然地,有人担心认知计算意味着“机器人取代人类”,或认知技术的效率可能会导致人类失去工作。这种恐惧有些夸张了。当杂货店引进自助结账亭时,收银员也曾担心会失去工作。ATM的出现和广泛采用使得许多人认为银行柜员会失业。但是实际情况是,杂货店收银员和银行柜员的数量仍然在不断增长。在网络安全领域,机器无法实现的人类交互和创造力仍然具有压倒性的需求。
关键是不要与机器对抗,而是与它竞争。认知技术可以管理安全任务、预测恶意攻击并帮助留住员工。这些能力使公司能够通过重新分配现有人员来解决人才短缺问题,而不必仅仅依靠雇用新的和有经验的人才,同时也能够改进流程并加强决策。
但是机器不是万能的。通过将机器与对组织网络的认识相结合,网络安全专家可以识别网络的弱点,了解组织易遭受的网络攻击类型,并优先处理相关的漏洞。通过这种方式,人机配合可以在更短的时间内产生更好的效果。
8/18/2017
10:00 AM
By using cognitive technologies, an organization can address the talent shortage by getting more productivity from current employees and improving processes.
It may seem counterintuitive, but close to 0% unemployment in an industry is not a good thing. Little to no unemployment means there aren't enough cybersecurity professionals to fill open positions; there's a high demand for existing talent, resulting in salary inflation and high turnover; and hiring of underqualified workers is more likely. But this is the situation for cybersecurity, and it's unlikely to get better soon — more than 1.5 million job openings areanticipated globally by 2019.
No matter how hard organizations try, they won't be able to hire enough college graduates, recruit enough skilled professionals, or reskill enough of the existing workforce to reduce, let alone erase, the shortage. But there is another way: cognitive computing — systems that learn, think, and interact with humans. By using cognitive technologies such as artificial intelligence, machine learning, advanced analytic techniques, and automation, an organization can address the cyber workforce shortage by getting more productivity from the existing employees and optimizing the supporting processes.
The premise is simple: cognitive computing allows an organization to make better use of the time and skills of its cybersecurity talent and improve security in the process. Instead of having the workforce spend the bulk of its time reacting to potential threats or on mundane administrative tasks, it can now focus on proactive security and complex investigations.
For example, cognitive technologies can help address the workforce shortage by improving the organization's workflow. One leading investment firm notedthat by automating routine activities, tasks that use to take cyber professionals about 40 minutes were now accomplished in 40 seconds, and analysts' productivity tripled. That's the value of automation — not spending too much time on mundane tasks, when time and talent is already in short supply.
In addition to saving time, it saves money. A recent study found that organizations spend about 21,000 hours investigating false or erroneous security alerts at an average cost of $1.3 million annually. These alerts could be handled by cognitive systems, which would only notify cybersecurity personnel when more investigation is warranted.
But automation is just the beginning. One of the more powerful newer applications is the use of advanced analytics. This technique uses supercomputer processing power to sift through large sets of data to identify behavioral patterns, malicious code, and network anomalies that may not be readily apparent. This can help cyber professionals predict where threats are most likely to occur and then prevent them before they do.
Consider the case of a large cable and Internet service provider that was receiving more than 500,000 network security alerts every day. It implemented a behavioral analytics application that allowed analysts to baseline network activity, identify and correlate security alerts to isolate the most threatening, and refine security thresholds. The results: six months later, the provider saw a 99.8% reduction in alerts and its cyber professionals were now spending their time investigating the highest-priority alerts that required human ingenuity to solve.
How
It's Used
The applications for
behavioral analytics are endless. Banks can use this technique to identify
suspicious online account activity that deviates from an individual user's
typical profile, thereby stopping theft, fraud, or further network penetration
before it begins in earnest. Cybersecurity firms can use it to detect a new
virus or unknown attacks and stop the malicious behavior before damage happens,
permitting responses at machine-speed.
The use of analytics is one of cognitive technologies' greatest advantages for cybersecurity in that it allows organizations to take a proactive approach. The ability to wade through massive amounts of network traffic to quickly identify irregular behaviors is an enormous security advantage. Being able to predict where threats are most likely to occur, and then prevent them before they do, can change fundamentally change security.
Another way cognitive technology addresses the cybersecurity workforce shortage is by helping to reduce employee turnover, which can occur when employees feel unsatisfied with the work. A typical workday filled with uninspiring tasks or activities that aren't challenging can prompt employees to seek professional fulfillment elsewhere. According to a report by the Society of Human Resource Management, 48% of employees reported that the work itself was very important to job satisfaction.
Naturally, there are concerns that cognitive computing means that the "robots are taking over" or that the efficiency of cognitive technologies may be so advantageous that humans may be out of work. But this fear is overblown. When grocery stores brought in self-checkout kiosks, cashiers feared they'd no longer be needed. The advent and widespread adoption of ATMs caused many to believe that bank tellers were on the brink of becoming pass�. But the number of grocery store cashiers and bank tellers actually grew over time. In cybersecurity, there remains a place and an overwhelming need for human interaction and ingenuity that a machine cannot fulfill.
The key is to not compete against the machine but to compete with it. Cognitive technologies can manage rote security tasks, predict malicious attacks, and help retain employees. These capabilities allow companies to address workforce shortfalls by reassigning existing personnel without needing to rely solely on hiring new and experienced talent, while also improving processes and adding rigor to decision making.
But they can't do everything. When these insights are combined with an organization's knowledge of its own network, cybersecurity professionals can identify the network's weak points, characterize the type of attacks the network is susceptible to, and prioritize addressing the pertinent vulnerabilities. In this way, human-machine teaming can produce better outcomes in less time.
附件:
《Curbing the Cybersecurity Workforce Shortage with AI》--原文.pdf
《Curbing the Cybersecurity Workforce Shortage with AI》--译文.pdf
微信公众号