Peter Woollacott of Hunstman Security on humanising cyber security tasks
9 May 2018
Jeremy Swinfen Green talks to Peter Woollacott, CEO of Huntsman Security, about humanising cyber security tasks.
Huntsman security was founded back in 2000 as a result of a brief from the Australian military who needed an online threat detection tool.
The tool that Huntsman developed had two main elements: a policy and rules based engine; and a system to detect unusual network incidents. The thinking behind it was to enable clients to have a chance of identifying the likelihood of unknowable or “Black Swan” incidents.
Nearly 20 years on and, Peter Woollacott tells me, Huntsman has massively built on this solution to globally deliver the ability to analyse a massive 10 billion online events a day.
10 billion events takes some analysis. Running through such a vast amount of information can be challenging and highly stressful: the firehose never gets switched off.
Artificial intelligence in cyber security
We talk about the Target data breach, back in 2013. That’s not the only time that too much data and too many false positives have resulted in skilled professionals down-weighting the information they received from security systems.
And that’s why Huntsman uses Artificial Intelligence (AI): to winnow those incidents down to a more manageable level. Automated triaging of incidents means that analysts don’t get alert fatigue.
Also of interest: Using AI in cyber security
Peter explains to me why he believes that “humanising” the tasks that cyber security analysts perform is essential. Businesses are increasing undertaking digital “transformation” projects. And while this increases efficiency, it results in more and more data being created and shared by organisations.
The problems caused by massive amounts of data are made worse because of the integration of previously separate business processes. For instance, Peter tells me, a CRM executive in an energy company may be telephoned by a customer with a complaint about a smart meter; as well as accessing customer-facing processes (the client’s account etc.) the CRM exec now also needs to access the smart metering system. Suddenly CRM and OT Systems are connected. That causes new security issues to be managed.
Cyber security is, if you like, the flip side of digital transformation.
The IoT on its own brings new problems, I suggest. Very much so, Peter agrees. Where machines, often dumb machines that have not been built to protect themselves, are talking to other machines in an uncontrolled environment, data is being transferred and there is no one to monitor what is happening. Inserting people into the process simply is impractical, due at least in part to the speed of activity. So you need machines to do the monitoring for you.
Also of interest: AI isn’t The Terminator
Benefits of humanising cyber security tasks
Humans in a high data-volume environment simply can’t keep up. The resource overhead from constant fire-fighting can damage motivation and efficiency, and can even result in analyst burn out. But using digital assistants powered by AI “to do the grunt work” frees up those analysts to do more interesting, creative and arguably more important work: proactively looking for potential issues as they develop and identifying the best ways of avoiding or mitigating those problems.
These are new skills. And so is the skill to manage the machines that are monitoring data. AI can only go so far. Humans need to be able to guide it along the right paths. Digital workers guided by human workers, that’s the future of the cyber security workforce, he suggests.
Proactive threat detection combined with machine minding. But that’s not the only skill our new analysts will need. There is also a real need to communicate upwards.
Telling a senior manager who is intent on selling a lorry load of widgets that “a router is down and we need to fix it” won’t get you much more than a blank stare. Telling them that “We can’t make any sales today because a router is down” will almost certainly get their attention. Same message: different way of explaining it.
In today’s uncertain and highly digitised world, cyber security has never been more important. The skills we need to keep us safe are changing. But those skills won’t be delivered unless cyber security workers are taken away from routine and mechanical tasks, unless their jobs are humanised. And that can only happen if they are assisted by the types of machines that AI is now making possible. Welcome to the hybrid digital/human workforce.
Peter Woollacott is the CEO and founder of Huntsman Security. Before starting Huntsman, Peter spent many years at senior and executive levels in major corporations, and as a strategic advisor to leading brands like CBA, AXA, PWC and Bain & Company.
Huntsman Security is the creator of the Huntsman® Security Analytics Platform that protects sensitive environments and critical national infrastructure in the Five Eyes community. A private Australian company founded in 1999, Huntsman have offices in Australia, UK, Japan and North America.