Podcast | Technology & Business Solutions (TABS)
Hacking the Hackers: Unpacking the Powerful Emerging Cybersecurity Trends
THL’s Automation in Action, Episode 6
A powerful combination of trends – from the proliferation of connected devices to the increasing sophistication of hackers and shortage of qualified security talent – has created an urgent need for smarter technology that can harness vast quantities of data in real time and create predictive models to make enterprises safer and more secure.
In this episode, we speak to Kerry Bailey, CEO of eSentire, a security firm that protects the critical data and applications of over 2000 organizations, across 35 industries. The company uses sophisticated automation technology to monitor and shut down both known and unknown cyber threats. We take an in-depth look at the cybersecurity landscape, its evolution, and where we stand today as Generative AI and Large Language Models continue to proliferate.
Key takeaways from this episode:
- The evolution of cybersecurity over the past decade
- How generative AI, automation, and cybersecurity interrelate
- How generative AI is making hackers more sophisticated, and how we can use that same technology to defend against them
- What’s behind the massive shortage of cybersecurity professionals, and how automation can help to complement the work of human analysts
- The generative AI trends professionals need to be on the lookout for
To learn more about THL’s cross-sector strategy to uncover opportunities in emerging technologies, visit THL.com/automation.
[00:00:03] Kerry Bailey When we think about automation in general, and we always think about we can do things faster with higher quality and more efficient. We all have that drive. We want our human resources to be working on the harder problems, and we want to automate as much as we can.
[00:00:21] Jim Carlisle That’s Kerry Bailey, CEO of eSentire. And I’m Jim Carlisle, and this is Automation in Action, where we pull back the curtain on automation technology and lead you on a journey inside. eSentire is a security firm that protects the critical data and applications of over 2000 organizations in 80 or more countries across 35 industries. The company uses sophisticated automation technology to monitor and shutdown both known and unknown cyber threats. Today, I’m joined by my colleague Syndie Kim, who sat down with Kerry for an in-depth look at the cyber security landscape, its evolution, and where we stand today as generative AI and large language models continue to proliferate. I’m also joined by our colleague Brian Radic, who oversees THL’s efforts in cyber security. Brian, thanks for joining us.
[00:01:12] Brian Radic Great to be with you, Jim. In an earlier episode, I know we heard about generative AI as it relates to automation, and I’m really looking forward to hearing about how GenAI, automation and cyber security interrelate. Syndie, what stood out to you from your conversation with Kerry?
[00:01:30] Syndie Kim We certainly found the right person to speak to on this topic. It’s clear Kerry is incredibly passionate about cybersecurity, and his career has been hyper focused on this topic from his beginnings working with Air Force intelligence. For me, it was fascinating to hear about how GenAI can help to build a learning model to uncover threats. eSentire has 20 million signals coming through every day from their customers. And with the help of GenAI, analysts can more quickly learn what is a threat and what is not.
[00:02:01] Brian Radic That’s really interesting, but raises the question if those analysts on the defense are using GenAI to learn to combat threats, how will the hackers potentially using the same large language models to work smarter and evade defenses?
[00:02:17] Syndie Kim I wonder the same thing, Brian, and it’s an issue that’s top of mind for Kerry. According to McKinsey, cyber crime is on track to cost the global economy 10.5 trillion dollars annually by 2025. That’s a 300 percent increase over 2015 levels. And a lot of that proliferation is due to the growth of sophisticated technology, including large language models. It’s basically an arms race between the good guys in the bad actors, and that’s what creates an important business opportunity for companies like eSentire. McKinsey estimates that companies spent 150 billion dollars on cyber security in 2021, and that’s growing at an annual clip of more than 12 percent. Yet there’s also a cybersecurity job shortage. There are currently approximately three million open cybersecurity jobs that companies are struggling to fill. So for a company like eSentire, automation can be a key part of bridging that gap.
[00:03:16] Brian Radic That’s exactly why THL developed an identified sector opportunity around cybersecurity. With companies across all industries continuing to migrate to the cloud and manage larger volumes of data, cybersecurity technology has become a critical to safeguarding business operations and continuity. Let’s hear what Kerry has to say about it. Should we get started?
[00:03:38] Syndie Kim Absolutely, Brian. Kerry, thanks a lot for joining the show today and for making time for us. Before we dive into the topic of cyber security, could you tell us a bit about your background and how you got into this space?
[00:03:56] Kerry Bailey Yeah, absolutely. I appreciate you having me as well. I’ve had a very fortunate career that where my passion led early, early on around cyber security, started way back working for Air Force intelligence, working on a plane called the SR-71. The key aspect of that was it was a spy plane. It had data we had to protect, we had to move data. And it was very, very critical. I moved from there to naval intelligence. We were putting web browsers for the first time on big aircraft carriers, but the whole background started in the Intel side. And then during the.com world, I really was able to move towards where things were trending. And at that time we were connecting the internet to businesses. Dot-com grew up big. And each of those trends, as we moved into cloud, mobile, all of those areas I’ve had the pleasure of working for. Everything from start ups to Verizon to Hewlett Packard, etc. and that brings me to eSentire today. So the whole arc of the career has been in some type around cybersecurity or the trends around cybersecurity.
[00:05:02] Syndie Kim That’s awesome to hear. As I’m sure you’re aware, Kerry, cybersecurity is by no means a new concept, and it’s been around for a while. One thing that I’d be interested in hearing from you is how you’ve seen it evolve over the years as more sophisticated technology has come up, both offensive and the defensive side.
[00:05:22] Kerry Bailey It’s a great question. Security has always been, and I’m not sure it will not always be a quick follower to the trends. We brought the internet out and the internet was going to just change the way business was done. Immediately, we had to develop firewalls, we had to develop antivirus, etc. and then you go, hey, you know, clouds here. Oh my gosh, Zscaler was born. Many companies were born around protecting. So as these big changes in technology happen, the good news is we have a pretty quick in cybersecurity, but that’s how it goes. Even if you go to next GenAI right now, right, we are all looking at it. We’re grasping it and we’re deciding how do you make sure you attack it? Because, you know, the one thing that we know is that business is all about speed, so that evolution and technology is going to occur. Security’s got a follow up. Now, the good news is I do believe over the years, every time we solve a problem for connectivity or digital transformation or cloud, it conveys into the next evolution that’s going out there. We’re in a really big change coming up with GenAI right now. But again, I believe every step we’ve taken along this path, we’ve got better. And the other challenges, the adversaries also use that same tech to get better as well. But they were evolving. It’s going to continually evolve forever.
[00:06:49] Syndie Kim It’d be great to talk through an example of what could potentially lead to a breach. Are there some prime examples that you saw maybe five, ten years ago and then how that has changed?
[00:07:01] Kerry Bailey I think if you look at what we would call the attack surface, and then that first attack vector, where do people go first and what’s the majority of those areas. In 2020 it was majority was all the email. We’re all used to phishing. You would get the email and you would click on the link, malware would get downloaded. And that was the initial attack vector. That was probably about 60 percent of the attacks back in 2020. You look at 2023, that’s down to maybe 15, 18, 20 percent is via email. And the new attack vector is coming via the browser. SEO is a great example. You think you’re searching for something. The SEO population of what you’re searching for gets elevated. You click on it, you go there, you think you’re on a different site or the right site, and you get malware downloaded to you as well. So it’s gone from email to browser, I would say, is the two predominant vectors. And we certainly had other areas as well. We’ve seen known good credentials is another area. We give up our credentials takingly, and lo and behold, you get an insider threat or adversaries coming via that. But those are still the predominant ways people are coming in to attack you today.
[00:08:23] Syndie Kim That’s super interesting, Kerry. And does AI introduce new ways of perpetration or new ways of opening up these attack surfaces that can be vulnerable.
[00:08:34] Kerry Bailey It’s the topic of the year and probably will be the topic for many years. I’ve always said traditional AI and machine learning, the best use case and the worst in the world for AI was cyber security. We have 20 million signals a day coming in from customers. We have to go through all of that data and find what’s good and what’s bad. And our analyst, they click on hey, this is known good. This is known bad. The models learn. And then the machine begins to understand what is a threat, what should be detected, what should be shut down. I think the industry has gone a long way in machine learning. Now, where we are coming into next GenAI and the LLM models. It’s still early. I don’t think there’s anything right now. At least I would say anything that’s helping on the defensive side. People are more worried right now about it. And what does it expose to me, and will the adversaries use that tool to attack me? It’s just too early to say, look, there’s something and it’s going to materially help customers. But I think as we look at it evolve, we’ll begin to use it in defensive ways. But remember, the adversaries are also going to use it in an offensive way as well.
[00:09:57] Syndie Kim What are some examples of how the next generation AI can be used in offensive ways?
[00:10:03] Kerry Bailey I always look at the attack landscape, email or web browser. Where are people going to attack? You think about getting a phishing email. We’re all in this industry. We’re pretty trained that when you get a email and it’s got misspellings in it, or the DocuSign kind of looks like an image, it doesn’t look like it’s full of HTML links. You kind of question it. But if you think about what LLM you’re doing, that natural language. If I get an email now that says, hey, Kerry, please send me a gift card. I know what it is. If I get an email that says, hey, I saw that your dog Raven won a competition the other day. Congrats on that. I love the all hands we did at the business. By the way, can you approve this PL that we’re sending? That is a whole lot richer context for me, and I think you’re going to see that from an adversary standpoint is take advantage of the threat landscape they have, improved the language that they can use, and whether it’s email or browser links that you click on, I think that can be something that you have to really, really look out for overall. Now, on the other side of it, we have found significant power in it as a service provider. We’ve got over 2000 customers around the world in 85 countries. The one thing that we always want to be able to do is articulate to customers, this big technical threat stuff and risk to your business and how do I put it in natural language? So we took all of our data over the last 20 years, and we have our own LLM model that runs so customers can not only ask questions of their own data, but then when we articulate it to them. It provides a lot more context. So it’s more efficient for us, but it’s also more valuable for the customer as well, because they see things in much more natural language.
[00:12:01] Brian Radic It’s Brian Radic again. Syndie, it’s fascinating to hear how bad actors are weaponizing the same language models that good actors like center are using to detect and shut down threats.
[00:12:13] Syndie Kim It really is, Brian and Kerry’s clients all have to adapt in real time to new threats, even while they’re figuring out how to leverage AI to improve their own businesses. This is true across the board in health care, financial technology, and services. Really, it applies to all the sectors in which THL invest.
[00:12:32] Brian Radic How Kerry’s clients think about security in a world where change is so rapid and rampant.
[00:12:38] Syndie Kim He has a unique perspective to share. Should we get back to the interview?
[00:12:43] Brian Radic Absolutely. Let’s go.
[00:12:50] Syndie Kim As part of eSentire, I’m sure you speak with customers on a daily basis on their biggest challenges. How would you describe the CIO or the CISOs greatest challenge today?
[00:13:02] Kerry Bailey I wouldn’t even say it’s just the last year or two, but I still put it in two words. Almost all CIOs speak about speed and the security of what they’re doing, and the two are very much related. Here’s the exciting news on something like next GenAI or moving all your workloads to the cloud. The business views that as this is our differentiation, we’ve got to move fast as a business, this is how we innovate as a business. And they’re pushing that CIO to go out and move fast to get the outcome out of these tools, the software that they need. On the other side, the security element of that, we all want to run out and deploy next GenAI. It’s the most powerful tool that we’ve seen in a long time that you can just go in and use, but the details of what you type in it, what access it has to your data, is it exposing your IP. All of those pieces, they worry about the security side. So it’s a balance, right? It’s a constant balance. It’s probably the toughest job that is across the c-suite when it comes to balancing security and speed. And if you add to it, and I would say this year we’ve all felt softness in the world from a growth perspective. We’ve seen layoffs. So now all of a sudden you’ve got speed security and then you’ve got less resources. So they are balancing a very tough job overall. But again, we live in a digital world. Our companies operate in digital world. You’ve got to make sure it’s secured. And yes, speed matters but you got to do it the right way.
[00:14:40] Syndie Kim Speaking of balance Kerry, I think one other topic relevant for today’s business leaders is around how they balance digital transformation or automation versus security. How have you seen those conversations go within your customer organizations?
[00:14:57] Kerry Bailey When we think about automation in general, and we always think about we can do things faster with higher quality and more efficient. We all have that drive. We want our human resources to be working on the harder problems, and we want to automate as much as we can. And I think that applies across the entire IoT stack. And there’s been great innovation, and I think we’re going to see even more of it. When you put security in that and in specifically cyber security, you’ve got to add the word efficacy to it as well. We’re a company. We bring in 20 million signals a day. So automation and AI specifically is really important for us to filter through the noise, get out the things that don’t matter, focus on the things that matter. So it is first for us efficacy. We’ve got to take 20 million events. We’ve got to get it down to roughly about 600 investigations a year that come out of that noise. And we need this to be automated. That works out really, really well for us. But if you automate down to a point where you begin to filter out the real threat and your automation is focused on the wrong things, you lose efficacy and the automation didn’t pay off for you. So we like to see in security, take the things that are high cost and low risk and automate those. There will always be the last mile of human when it comes to security. You need the intellect. You need the cognitive thinking around that investigation. You need to understand risk. So spend your time there.
[00:16:35] Syndie Kim One other topic that’s top of mind for a lot of business leaders is around attracting cyber security professionals, which is at an all time shortage. How can automation and AI help ease that problem? And how are companies like eSentire helping customers overcome that challenge?
[00:16:53] Kerry Bailey If you look at some of the numbers that are out there, and by the way, I think these numbers are pretty accurate. Says there’s two and a half, three million open cybersecurity jobs that they can’t get filled. So when we sit here as a company like ours, we have to grow our analysts. We have to go into universities when they’re in their second year of college or university and begin nurturing them into, hey, do you want to be an entire analyst and spending time and money and growing that analyst, because it is just something that is at great shortage out there. So the next thing is that when you can recruit a security analyst, they don’t want to work on those mundane tasks. They have choices right now. They want to go to work for companies that are putting them in knife fight in the street against the adversaries. They want to be working on the most important thing. So back to my comment on automation, there’s a lot, lot of work we have to do in security that is basic blocking and tackling. You’ve got to take those and automate those, because when you’re trying to attract a security specialist, somebody to sit in your security operations center to work on your risk team, they’ve got to do work that’s meaningful.
[00:18:07] Syndie Kim Going back to the next GenAI topic. I know you mentioned it’s still pretty early in terms of how I will help on the defensive side. What are some of the ideas or opportunities that you see today may come up in the next couple of years?
[00:18:25] Kerry Bailey I think the first thing is just to understand, you start with the risk of GenAI in general. The one thing that that we’ve always felt good about is if you deployed a cloud workload, it was similar when I deployed a workload on site and it connected to a network, it had to have code reviews. I knew how to do it even though it was in the cloud. I knew how to do it. The difference with GenAI right now is its ability to gain. If you give it access to your IP, your data, those type of things that when it consumes that data, then anyone that then has access to that model can do very bad things with it. So I think access controls around GenAI and what gen I can touch is probably the most crucial aspect of deploying GenAI in general. And then once you do that, it’s pretty powerful. But imagine if GenAI was connected to a customer’s data and someone said, give me administrative privileges and show me Kerry Bailey’s information right. If it has access, it’s going to produce it. So I think access controls is probably the biggest aspect around GenAI in general. We shouldn’t be afraid of it. Customers need to deploy it, but they got to deploy it in the right way in the same manner and think completely different than we ever have thought about a new technology being deployed.
[00:19:56] Syndie Kim Philosophically does the same technology that provide the offensive mechanisms also work on the defensive mechanisms? And in that case, how do we stay ahead of the curve of these attackers?
[00:20:10] Kerry Bailey We have a saying here that says it’s not the technology, it’s the person using the technology and their intent. The intent, if it’s bad, that type knowledge is going to be pretty powerful overall, right? But for the most part, almost every technology that has been deployed, we think of it as defensive and we develop a ton of defensive use cases for it. And then you see the adversary turning for an offensive tool. There’s no doubt in my mind the tools today of GenAI and tomorrow of GenAI they will use because it’s powerful. It’s got a powerful language model to it. It has great access to speak like a human and be able to tailor the language towards a human. It will be used that way. And again, I think caution for everyone is we’re going to deploy it. You have to deploy it. But it’s not like deploying cloud or deploying big data or any of the other things you’ve done in the past. This one, you’ve got to think about it being walled off. Think about how to detect it. We’ve ran out some open source content for customers to be able to take all of the work that their company is doing, that may be into ChatGPT, etc. run it through a gateway so you see what data is moving, what data is not. You can look for keywords. You’ve got to think that way. So yes we’re going to see it both unfortunately. Again it depends on who has the tool in their hand to do good or bad with. But yes we’re going to see that.
[00:21:43] Syndie Kim I think GenAI is a topic that gets spoken a lot of amongst your industry and your customers. Are there certain kind of large ideas or trends or themes that you feel like is meaningful, but doesn’t get enough kind of attention from your customers as much as it should? Any blind spots that you see?
[00:22:05] Kerry Bailey If you go back in time where we went towards digital transformation and all of a sudden everything is distributed, we used to log when we sat in a data center behind four walls, and only our corporate assets were there, etc. we know that’s not the world. Everything is highly distributed. When that happens, understanding where your assets are and what are your assets is still also one of the biggest challenges that we see with customers around the world. All it takes is one endpoint. We hired a new employee in Japan and the employee wasn’t rolled out on it. It’s understanding the assets and making sure those assets are covered. And those assets are no longer physical assets. It’s everything from every network IP to every cloud workload to every identity record in active directory. It’s seeing all assets across the environment and being able to have full spectrum visibility of what those assets are doing. When you do that, we have such a better position on security in general. You can protect those assets in the right way. You can monitor those assets. You can see when those assets are talking to one another or when they shouldn’t be talking somewhere else. But we overlook the need to understand what you have, what those things are doing. And then you can apply a lot of different security technologies on top of that, or just overall on monitoring for sure. That’s my biggest one, and it’s the simplest one, to be honest.
[00:23:39] Syndie Kim Do you see varying maturities across your clients on that asset inventory or discovery kind of journey?
[00:23:46] Kerry Bailey I think it’s got better. When our business first started out, we started in financial services. So it was very easy to understand it. And it wasn’t that we started financial services, it was the need was in financial services. They understood risk. They understand how to protect money, protect customers. It was very easy. That has continued to grow now. You see it, law firms. We have some of the largest law firms in the world. They have to protect the data they have, the case information, their clients, etc. so we’ve seen it move from companies that had high value assets to being the most mature to then it’s spreading into manufacturing legal. Certainly health care was one of the first ones as well. But if you understood the risk of your asset, then all of a sudden you had a more mature kind of model. In retail started with more PCI compliance, and they have now got better across their world as well. But again, I still say we’re improving across all industries. You ask if we’re winning against the adversary, I would probably tell you if this was a football game, the score would be 21 to 20. If anybody fumbles the ball, the adversary may go ahead. But there’s no clock on this game. It just keeps running. But right now I’d say we’re winning and various industries are all coming up to different levels, but I think we’re winning just a little bit.
[00:25:10] Syndie Kim The game’s intensifying too every year.
[00:25:12] Kerry Bailey Yeah, exactly. And if you’re a big sports fan, you know the stress that you have when you’re watching a game, when you only have a one point lead or you’re down by one point. So we should all operate with that stress in our businesses.
[00:25:23] Syndie Kim What’s next for eSentire.
[00:25:25] Kerry Bailey Oh my gosh. I’ve been here six years at eSentire, and it has been a crazy run with the MDR industry and how important MDR is in the cybersecurity industry. I would say our next evolution here, and I think an evolution is three years in our industry, is that we’re all about scaling our software innovation. And I don’t want to say this because it sounds like you’re getting on the bandwagon of GenAI and what we’re doing with LLMs, but we had a very unique opportunity that we’ve been in business for over 20 years. We have investigation data. So down at as I said, the night fighting, we have the data of what an attack look like, what an investigation was like. And we’ve kept that data over those 20 years perfectly applied to LLM today. So we feel very good of the innovation that we’re going to deliver against this new threat landscape, but also this new innovation in the cybersecurity world around GenAI. Second thing is we’ve got to maintain this evolution of the landscape. It’s constantly changing. We went from a world back ten years ago being all about alerts to now we’re all about data and what we do with that data and how we evolve. Protecting the threat landscape will be one of our biggest things. Our third area is and I it’s crazy to continue to talk about cloud security, but it’s not going away. And I would call it more of digital transformation. But where are those digital assets? It’s in the cloud across APIs, how they’re used. We’ve got great innovations coming out for that as well. And the final one is we’re going to keep rolling and we’re going to grow smartly, we’re going to grow profitably, and we’re going to continue to grow across many years across the world here.
[00:27:14] Syndie Kim Kerry, in the news every day we see the volume and the intensity of cyber crimes increasing over time. What are some of the examples that you’ve seen in real life around these breaches that you could speak to in terms of the impact to these companies?
[00:27:32] Kerry Bailey I think the biggest one that you can think about that we’ve seen in the new and frankly, a lot of citizens feel it. So if you think about it, the citizens are feeling it, just think what the company and the shareholders feel as well. So ransomware is probably one of the biggest ones, right? When a company is literally shut down, their operation no longer works. Let’s assume they’re a public company. It shatters the confidence in the shareholders, right? They don’t know whether they’re going to recover. They don’t know if their IP was taken, and they don’t know if that stock price is even going to return. There’s a outside view in the confidence of that company’s ability to stay resilient and execute becomes a real big issue for shareholders as well. The second piece is, and we’ve seen some of the bigger reaches in the news around oil pipelines and supply chains. It goes all the way down to the citizens as well. Citizens are using those companies. These are mission critical companies that are out there. They’re using them for the services that they expect. And once that confidence falters across shareholders and employees, across the customers of that company, you begin to have a real breakdown in the entire economy and the confidence in that business. And these ransomware attacks are ones that literally shut the company down. That’s probably the greatest example of when you see a company like that have an issue overall, but it creates a significant amount of confidence problems for that company.
[00:29:01] Syndie Kim Kerry, thanks a lot for joining the show today.
[00:29:03] Kerry Bailey Yeah, absolutely. I appreciate you having me as well. I think you guys, you hit a lot of the good topics.
[00:29:10] Jim Carlisle Jim Carlisle again. That was a fascinating conversation, Syndie. I’d be curious to get Brian’s take on how it all fits together.
[00:29:17] Syndie Kim Brian, zooming out, how is the shifting IT landscape influencing both cyber crime and the response to cyber crime? Kerry talked about the emergence of large language models, but are there broader forces at play as well?
[00:29:30] Brian Radic The short answer is absolutely. Digital transformation more broadly has resulted in a massive infrastructure change that’s required the cyber security market to adapt to ensure adequate coverage exists in those new environments. If we think about the big shifts that have occurred over the last five to ten years of cloud migration, remote work, proliferation of devices from IoT and BYOD coming online, there’s been a dramatic increase in attack surfaces and vulnerabilities that can be exploited, and security professionals have had to build in capabilities to really close those gaps. You fast forward to today and look at the onset of generative AI and a lot of automation getting pushed through operations. I think while we all see the efficiency gains, we also see the potential exposure that exists and the security requirements that need to be developed to address that.
[00:30:30] Syndie Kim Awesome, Brian. It’s a difficult problem to size, but how would you size the market opportunity today?
[00:30:36] Brian Radic It’s a really difficult problem to size. At the way I think about it is a natural tension existing in between what’s currently being spent on cyber defenses and the current offensive market of cyber crime that was quoted earlier of 10 trillion dollars in 2025 by McKinsey. And so if you have 150 billion dollars really today getting spent on cyber defense and a potential cost of 10 trillion in the near term, there’s a creative tension that’s going to draw natural growth within the cyber defense market going forward. I think the better we all are about building better techniques and having more expansive coverage and limiting the number of threats going forward, you know, we’ll ultimately look to close that gap, I think adding new capabilities on the defensive side. But if we’re doing our job right, shrinking the size of that offensive market in the process as well.
[00:31:35] Syndie Kim Thanks, Brian. That’s fascinating. How do you think about the cyber security workflow, given what Kerry has told us, as well as your own research.
[00:31:44] Brian Radic And so cyber security, when you first start researching, it feels really complicated. There’s a lot of different types of threats. There’s a lot of different things that you need to understand on the infrastructure side to really protect. At its core, cyber security is identifying assets, monitoring them, protecting against known and unknown threats, defending against those threats and ultimately responding once an incident has actually happened. And so if you think about that IT infrastructure and all the changes that we are just walking through, those changes really reverberate against each and every part of that workflow. And so if you think of, for instance, Internet of Things, the proliferation of new devices that are untraditional mobile or endpoint devices, those all need to be identified. And you need to understand what’s on your network, whether it’s having data transfer through it. There’s new protocols that could allow those devices to communicate to each other and need to have a new adaptive way of actually monitoring those communications. And there’s specific threats that are created against those assets that are just different than what a traditional wearable device or computer looks like, so you have to understand that threat landscape to protect and defend against those. And then you also have to have an understanding of the network that those devices are on to adequately respond to the incidents, to minimize operational disruption. And so if you think about every single type of asset class that you’re protecting, there is an intricate knowledge of those assets. But ultimately you’re trying to identify what they are, where they are, are they running appropriately, and how do we ensure they’re protected and online to allow for business continuity.
[00:33:36] Syndie Kim Finally, Brian, how is automation helping to address critical gaps in cybersecurity, particularly the shortage of trained workers that care you mentioned?
[00:33:45] Brian Radic Yeah, it’s playing a big role. We spoke earlier that there’s over three million open roles in cybersecurity, that’s just today. With the current level of defenses and the current level of attacks, as world standing those potentially exponentially increasing level of threats, as threat actors are increasingly integrating these GenAI tools into their capability toolkits, and that’s creating a major resources gap on the defensive side that will likely need to be filled with both technology and people. And if I think about ability to close that gap, I think it’s going to come from increased automation of traditionally manual work streams and then more sophisticated methods of increasing the talent pool through modern training and upskilling of cyber analysts.
[00:34:37] Syndie Kim Brian, that’s a great way to wrap up. Thanks a lot for joining us.
[00:34:44] Jim Carlisle Automation in Action is brought to you by THL. To learn more about THL’s cross-sector strategy to uncover opportunities in emerging technologies, visit THL.com/Automation.
- Verticals
- Technology & Business Solutions (TABS)
- ISO
- Cybersecurity
- Cross-Sector Strategy
- Automation