
Ditching ‘More People, More Controls’ for a Smarter Approach
With all the layoffs happening in the federal government, the world of cybersecurity has not gone unscathed.
At last count, more than 130 positions were cut from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. Among other responsibilities, this agency coordinates information-sharing between private industry and the government, a key duty considering the numerous breaches we hear about in the news even under the best of circumstances.
Cyber layoffs are a problem, sure. But they’re also a forcing function – a push to rethink what “doing cybersecurity” means. This is an opportune time to recognize both inside and outside the government that the traditional cybersecurity mindset of “more people, more controls” is outdated. Instead, we should ask the following question: How do we do more with what’s left?
This is where automated cybersecurity, driven by artificial intelligence, becomes of even greater importance. Such technology augments and amplifies human effort, allowing fewer people to handle a greater number of cybersecurity threats. And as we know, those threats don’t stop coming regardless of how many or how few employees are charged with keeping them at bay. Bad actors around the globe take any advantage they can to exploit cybersecurity gaps, slipping past defenses whenever there is a momentary crack in the barriers we erect to block them.
Innovation by Necessity
In such an environment, automation cannot be viewed as a luxury; it is survival. When cyberattacks happen at machine speed, the defensive mechanisms must keep up or they will be overwhelmed by the avalanche of attacks. While human operators will always be necessary, they aren’t always as alert and watchful as is necessary under the increasingly dire circumstances presented by the onslaught of cybercriminals. Humans make mistakes and attackers count on it. Human error itself can be one of the biggest security risks. AI-driven security that is ever-vigilant serves to amplify human powers. It can detect threats, respond to them, and adapt to changing circumstances faster than human teams alone can.
But it augments the humans; it doesn’t replace them.
If we are willing to rethink how we work, then reducing the number of people involved in cybersecurity won’t necessarily result in a weakened security system filled with ever-widening breaks in the defense barriers. Instead, through a combination of smart orchestration, real-time analytics, and automation-first approaches, it is possible to reduce workload while increasing effectiveness. The goal isn’t fewer people. It’s stronger defenses, faster responses, and fewer breaches. AI-driven cybersecurity isn’t about headcount, it’s about results.
Consequently, a previously overburdened human team can be more productive and efficient as the automation relieves it of some of the strain and the responsibility of detecting and warding off those relentless bombardments.
Leaner, Faster, Smarter
Moving forward, the technology, processes, and approaches to battling cybercriminals are likely to get even better because when resources are limited, innovation bubbles to the surface and creative people devise new ideas. Cybersecurity teams are shrinking while cyber threats continue to grow, but that isn’t the real problem. The real problem is that we built security models assuming resourcing can be framed as linear to threat. That simply hasn’t played out over the last 20 years.
This isn’t just true of cybersecurity. In nearly all fields of endeavor, the best solutions emerge not from an abundance of resources but from necessity brought on by their scarcity. The truly innovative do their best work when they have one hand tied behind their back and they are on an impossible deadline. The trick is to turn the challenges we face into opportunities to create greater efficiency and impact.
And that can’t happen by stubbornly sticking to old methods and routines. It’s time to ditch legacy thinking and embrace an AI-driven cybersecurity that’s leaner, faster, and smarter. Less bureaucracy, more adaptability. Fewer manual processes, more intelligence.
The next era of cybersecurity won’t be built on headcount—it will be built on innovation.
__
About John Spencer-Taylor
John Spencer-Taylor, author of Change the Box: A Guide to Dream, Incubate, and Scale Your Innovations, is co-founder and CEO of BrainGu. Spencer-Taylor has nearly 25 years of experience in such areas as software development, business intelligence, financial systems, and cybersecurity. He and his team at BrainGu build platforms that help organizations deliver higher-quality software and are routinely deployed to assist, advise, and enhance the innovation efforts of organizations around the world, from the energy and finance sectors to national intelligence and defense agencies. Spencer-Taylor has a bachelor’s degree in computer science from Grand Valley State University.
Ad
Join our LinkedIn group Information Security Community!