SAS Viya

Published: July 26th, 2017

McAfee has released some of the finding from a research report called Disrupting the Disruptor, Art or Science?. The report covers the role of humans in the automation process and how machine learning technology impacts the workflow.

The biggest takeaway from the McAfee report is that organizations that prioritize the human threat hunter before investment in automated technology, are more successful in closing security cases and determining the root cause of threats.

The report concludes with a vision statement: the future of cybersecurity response to be driven by a new concept called Human-Machine Teaming, the concerted combination of human efforts with smart technology.

The security vendor also announced updates to its solutions portfolio for the marketplace to bring machine learning capabilities to security infrastructure.

Other key findings are:

  • Seventy-one per cent of advanced Security Operations Centres (SOCs) use human-machine teaming to close cybersecurity investigations in one week or less;
  • Of the most advanced organizations, 37 per cent closed threat investigations in less than 24 hours;
  • Hunters at the minimal level only determine the cause of 20 per cent of attacks, compared to leading hunters’ verifying 90 per cent;
  • Sixty-eight per cent say better automation and threat hunting procedures are how they will reach leading capabilities;
  • Successful cybersecurity teams are three times as likely to automate threat investigation and devote 50 per cent more time to actual threat hunting; and
  • More advanced organizations get far better leverage from their threat intelligence investments.

The new additions to the McAfee portfolio includes updates to the McAfee Advanced Threat Defense (ATD), McAfee Enterprise Security Manager (ESM) and McAfee Endpoint Threat Defense and Response (ENS) products.

McAfee also introduced OpenDXL.com, an independent community Web site to help facilitate the use of open source integrations.

Part of McAfee’s strategy with this report and the new community Web portal is to expand machine learning and automation capabilities in the market through the channel. McAfee anticipates this effort can lead to more human-based machine teams.

Raja Patel, Vice President and General Manager, Corporate Security Products, McAfee, said security teams face 244 new cyber threats every minute on a daily basis. There is also a serious talent shortage.

Patel believes siloed security, without automation, managed by overwhelmed teams is not a sustainable defense strategy.

The opportunity to expand machine learning and integrated analytics are now part of McAfee’s vision for a fundamental shift in the way humans and machines work together. Patel added that by aligning the strengths of humans and machines, organizations elevate their operational maturity to better defend against the cyber threats we face today—and tomorrow.