Freedom is not something to fear; in fact, it’s an essential component of creativity. Chaos is something to avoid, however. Many creative people confuse freedom with chaos and think a chaotic environment inspires creative passion. The most creative environments are those that provide enough order, and essential security, that allows individuals to stretch out to create something new. As security information management has evolved with the cloud, a new form of defense has been required. Dave Frampton, the VP/GM Cloud SIEM & Security Analytics at Sumo Logic, describes this system as living in the middle of the cloud chaos

Main Takeaways

• Moving Into the Cloud Chaos: If the action is in the cloud, then security needs to be in the cloud too to ingest necessary data and to disrupt attacks. The security product must be at the same level, and made with the same parts, as that which it is intended to protect. 
• Platform Disrupts Silos: In companies, silos are often made out of a sense of necessity. People work in their areas with their specific knowledge and access. In security, however, it is important to have a platform that connects those on the application and security teams so they can work together to protect the company.  
• Automation with Ethics: There’s a drive to automate as much as possible in the security realm because there is so much data and so many threats with everything moving so fast. This is reasonable, but humanity must lead decision-making concerning automation. It’s a matter of ethics. People must choose when to automate and for what purpose. They must weigh the pros and cons of their actions and accept any consequences. 
• Fear and Greed: People are often driven by fear and greed. This is the case when considering A.I. and automation advances in security. On the fear side, it’s reasonable to be concerned about potential technological overreaches and unintended consequences. On the greed side, A.I. and automation has vast potential to deal with so much incoming data and to make quick decisions.

For a more in-depth look at this episode, check out the article below.

Article:

Freedom is not something to fear; in fact, it’s an essential component of creativity. Chaos is something to avoid, however. Many creative people confuse freedom with chaos and think a chaotic environment inspires creative passion. The most creative environments are those that provide enough order, and essential security, that allows individuals to stretch out to create something new. As security information management has evolved with the cloud, a new form of defense has been required. Dave Frampton, the VP/GM Cloud SIEM & Security Analytics at Sumo Logic, described this system as living in the middle of the cloud chaos. 

“What you really need to do is rethink this and deliver this SIM from the cloud, like as a cloud service itself,” Frampton said. “So that’s it’s right there in the midst of all that chaos [and] able to ingest all of that data and it’s savvy and smart about all those different new threat surfaces, because, in and [of] itself, this service is built and made from all of these same components: microservices, and containers, and modular, modern software that communicates by APIs.”

By living in the midst of the cloud chaos, a security platform such as Sumo Logic is in the middle of the action and is creating a secure place for business and creativity to flourish. In Greek mythology, Atlas was forced to hold up the sky as a punishment by Zeus. Cybersecurty forces must hold back those with ill intent and to do so they dwell inside the chaos and create a safe place there. They don’t do this because they are condemned to this fate. Instead, they do so because they have chosen this role of protector and this is their mission.

On a recent episode of IT Visionaries, Frampton shared how cybersecurity has evolved to decrease silos and increase the use of A.I. and automation. He explained how humanity, and ethics, are required to make judgements on how A.I. and automation should be used to further security aims. First, he described how the old world of security information management used to operate on a three-tiered system for security analysts, but that security platforms are now disrupting that system.

“The current state of the SIM market is all of the players like Sumo — who’ve come in with these new architectures defending the new threat surfaces with new approaches and new analytics — are disrupting a lot of the legacy players that built up these architectures and businesses and installed bases of years and years and years of this on-prem evolution into this three-tiered analyst system,” Frampton said. 

In order to defend against attacks, there is a push to automate and to use A.I. Frampton suggested the desire to use A.I. and automation is driven by both fear and greed. He described the fear about A.I. accordingly.

“I want to understand why this concluded what it did,” Frampton said. “I want it to be a transparent algorithm. Also, I want to make sure that if it did identify something and, I say, ‘Wow, you were right.’ Then, I want to make sure that every time after that it flags that same thing and it doesn’t get too smart for its own good and decide, ‘Well, no, there was some other subtle difference.’”

He suggested a fear of automation comes primarily from a concern about losing control.

“One, it’s just an intuitive loss of control, but two is what happens if somebody hijacks that automation thing?” asked Frampton. “Then, [it’s a] I’ve really created a monster, type-thing,” 

Although there are certainly fears to consider, Frampton uses the word greed in a more positive sense — as in that people are greedy and eager to use the technology to help with security concerns. 

“You have to realize, yes, there are those fears about leveraging those two technologies,” Frampton said. “But the flip side of it is most of these enterprises in a traditional type of defense, they realize they’re only getting to less than 10% of the alerts that are thrown by these systems…It’s almost like, look, we’re going to have to start migrating to the future here and leverage technology to help us scale. Otherwise, we’re kidding ourselves that we’re actually defending, and we’re just reduced to this herd defense where you just hope that you’re in the middle of the herd and not picked off the edge type-of-thing.”

Using A.I. and automation is absolutely necessary given the amount of data in the world as well as the onslaught of attacks from bad actors. When it comes down to it, it’s a matter of people owning their responsibility to create helpful technologies within an ethical framework and with thoughtful guardrails. 

“The tech is actually getting to the point where you can pretty efficiently set up a lot of these automation workflows and even take humans out of the loop,” Frampton said. “But do you want to take humans out of the loop, and who has to agree that you take those humans out of the loop, and who needs to approve ahead of time? Who needs to approve if there’s a checkpoint in the middle? This is something many companies don’t really think through. They just jump in with the tech and, ‘Oh, now, great, we have this automation capability,’ and then they quickly realize just because you can doesn’t mean you should.”

In the real world, there are no titans like Atlas bound by fate to perform an amazingly challenging task. Instead, there are regular human beings who must ethically create supportive technologies to secure the world.

“Cybersecurity is on the cutting edge of really modernizing the economy into a digitally transformed, new economy and the inevitable momentum behind that just forces security to play catch up and do everything possible to get ahead of it to achieve the mission,” Frampton said.

To hear more about how Frampton and Sumo Logic, among the titans of the security industry, are living in the cloud chaos and harnessing technologies to safeguard companies, check out the full episode of IT Visionaries!