Soulful Automation: Maximizing Machine Learning for Efficiency and a Higher Purpose

By Trellix · September 26, 2022
This blog was written by Aparna Rayasam

Here at Trellix, meaning and soulfulness are transforming cybersecurity to benefit the collective at a time when talent is scarce and cyberattacks are more insidious.

As Trellix CEO, Bryan Palma has written and spoken at length about how our company and the cybersecurity industry can reimagine tech by attracting a new generation of diverse talent while bridging the gap between the demand and supply for experts in the field.

And, more recently, my colleague, Michael Alicea, emphasized the dynamic steps Trellix has taken to improve diversity in the workforce through three exciting programs and partnerships: the HACE-Trellix Cybersecurity Accelerator Program; our partnership with GOTARA, and our partnership with the National Cybersecurity Alliance (NCA) within the HBCU (Historic Black Colleges and Universities) Career Program. This progress is not just essential, but also the natural outcome of our sustained focus on what we do – throughout the industry – as “work of the soul.”

What Trellix and every company in the space must realize is that these goals will not only help transform who and why we hire, but also ensure that products and services in cybersecurity continue to change – and protect – lives.

Preparing for an amplified talent desert amid grave cyberthreats

There is a lot of alarm right now about the lack of qualified cybersecurity experts. The industry is not alone, as this trend has evolved alongside the Great Resignation, when many, including highly skilled tech workers, changed jobs or quit to find the right salaries, benefits, work arrangements and callings.

According to the Trellix-commissioned Vanson Bourne survey of 1,000+ cybersecurity professionals across nine countries published a few months ago, 2.72 million cybersecurity positions remain unfilled globally and 3.5 million are projected for 2025. According to Cybersecurity Ventures, the number of unfilled cybersecurity jobs worldwide grew 350% between 2013 and 2021, from 1 million to 3.5 million. The problem is especially acute because cybercrime is showing no signs of relenting, with costs associated with it rising to $10.5 trillion annually by 2025, up from $6 trillion in 2021.

Those of us work work in cybersecurity can help elevate the industry through the dynamic changes in recruitment being shaped by the diversity push and evolving applications for machine learning.

How machine learning is tackling the talent shortage

Everyone in cybersecurity will have to be more efficient than ever as coveted technologists are more sought-after due to worsening cyberthreats. At Trellix, we are considering automated approaches that organize functions more logically, leading to economies of scale that increase production and lower or spread costs. Automation is an obvious way to leverage software and maximize contributions from mature and junior staffers.

1. Research

   We are in the process of exploring what is common across all of these research functions to determine which can be automated. In this environment, a researcher’s time is precious and must be used in, say, training the datasets, rather than running the queries themselves. Less interesting and more processing-heavy work can be delegated to programming and computing tools. The human element must be as optimized as possible.

2. Private sector

   Finding high quality talent for their growing security teams has been challenging for customers. We want to encourage the same efficiency solutions that we employ for ourselves. For example, partnerships and vendors like Trellix can address the bulk of customers’ security challenges in a more comprehensive manner, given how many ways vulnerable network systems can be exploited. These goals are perfectly suited to the XDR platform, which allows security operations folk to aggregate all of the pathways for an attack and ensures that the problem is solved with as little disruption to their processes as possible.

3. Public sector

   Applied aggregation has led one of our clients, a government agency, to reduce the number of people operating on a security posture. People, not machines, used to watch network traffic. But the range of threats from actual breaches to suspicious activity and potential threats were not addressed. So we created playbooks that aggregate across multiple vectors. This particular customer has hundreds of agencies relying on their lead, so this streamlined, more efficient process has been invaluable.

A call for unity

Cybersecurity saves lives – and balance sheets. But there isn’t much of a security community across the vendors. Typically, attacks are coordinated, so why aren’t security vendors? The industry needs to work in tandem. Say a security operations member is dealing with interfaces from three different organizations. This requires logging into every interface and repeating the same tasks. Imagine if one interface provided that abstraction over everything?

The cybersecurity eco-system is fairly well informed, but we could do better. If we uncover critical information at Trellix, there should be a mechanism that allows us to share information with our peers without worrying about undermining our competitive edge.

At Trellix, we welcome a more open framework for collaboration to ensure a level playing field – and the right kind of competition. Playing to each other’s strengths, so that we elevate the industry, leads to more value for customers, whether members of the private or public sector. No one wants to waste time on tiresome tasks that impede more dynamic results and don’t suit our company, our industry or our customers. Or the world.