CyberWire Daily - The cybersecurity paradox. [CyberWire-X]
Episode Date: September 20, 2020The cybersecurity space is nothing if not crowded. Yet despite all the fantastic offers and promises being made by vendors, the sober reality persists that spending has not equated to improved securit...y. Did you know that 80% of IT security budgets are focused on detection and containment controls, even though 70% of security experts believe that a greater focus on prevention would strengthen their security posture? Joining the conversation are Bob Olsen from Ankura giving his insight on the many options out there when buying cyber security systems and platforms. Later, we will be joined by Steve Salinas, Head of Product Marketing at Deep Instinct, as he addresses this paradox of why organizations are spending their scarce budget in ways that are contrary to their interests. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the CyberWire Network, powered by N2K. affecting organizations around the world. I'm Dave Bittner. Today's episode is titled The Cybersecurity Paradox.
The cybersecurity space is nothing if not crowded,
yet despite all the fantastic offers and promises being made by vendors,
the sober reality persists that spending has not equated to improved security.
For example, a recent industry survey revealed that 80% of IT security budgets
are focused on detection and containment controls, even though 70% of security experts believe that
a greater focus on prevention would strengthen their security posture. For insights on this
contradiction, I speak with Robert Olson, Senior Managing Director of Cybersecurity,
Information Security, and Information Technology Strategy at advisory firm Ancura.
Later, we'll be joined by Steve Salinas, Head of Product Marketing at Deep Instinct, as he addresses this paradox of why organizations are spending their scarce budget in ways that are contrary to their interests.
A program note, each CyberWireX special features two segments.
In the first part, we'll hear from our industry expert on the topic at hand,
and in the second part, we'll hear from our show sponsor for their point of view.
And speaking of sponsors, a word from our sponsor, Deep Instinct.
Deep Instinct is changing cybersecurity by harnessing the power of deep learning,
the most advanced form of AI, to prevent threats in zero time.
Unlike detection and response-based solutions, which wait for the attack before reacting,
Deep Instinct's solution works preemptively.
By applying end-to-end deep learning to cybersecurity,
files are automatically analyzed prior to execution, keeping customers protected in zero time.
The outcome is resilient prevention that provides consistent security day in, day out.
Learn more about the benefits of incorporating Deep Instinct into your cybersecurity defense by visiting deepinstinct.com.
That's deepinstinct.com. And we thank Deep
Instinct for sponsoring our show. I think it's a confusing landscape, to be honest. And what
I think is leading to a lot of the confusion is just the number of options and choices that organizations have.
That's Bob Olson. He's Senior Managing Director of Cybersecurity, Information Security and Information Technology Strategy at advisory firm Ancura.
And so I think that is where organizations really struggle.
And so I think that is where we, you know, organizations really struggle.
Most are fairly understaffed, even if they're using, you know, an outsource provider to assist them.
They're just, you know, they're trying to, especially with the challenges that they've had and continue to have with sort of the distributed workforce as it relates to COVID.
You know, they've really got their hands full. So it's even harder, I think, for them to dedicate any kind of time or resources
to really look at, you know, what are the products that are out there, you know, and also, honestly,
I think even more importantly, what are the products that they've already invested in
and how, you know, how should they be, how could they be leveraging those? Are they getting the full value out of those? So the last thing they need to do is just start introducing new products or additional products into their environment when they don't even, if they don't even really have a good handle on, you know, what they already own, what they've already bought and are, you know, probably under utilizing.
How do you go about evaluating that, kind of helping someone take stock of where they stand with the things they're currently using?
The best way that I've seen that approached is to really use one of the frameworks that are out there. So one that we commonly see and use with clients is what used to be known as the SANS Top 20 Critical Controls.
It's now the Center for Internet Security, Critical Security Controls.
And what's nice about that is it's really tool agnostic,
meaning that it's a way for an organization to really look at their program
in a fairly tangible and sort of unambiguous way
and look at the needs, you know, relative to, you know,
their specific business, the industry they're in, the type of organization that they are,
their sort of operating model, the threats that are out there. And really, instead of looking at
it from a, hey, what tools do we have and what functions do they play or what role do they play
and what functions do they have, sort of flip that around and say, okay, here's what we need to have in place to have a mature security program.
And how are we going to accomplish or meet these specific set of controls?
And what are our options, you know, and really look at it from a security
program maturity and threat kind of landscape to then say, okay, because there's lots of
ways to, you know, meet the different requirements within not just the critical security controls,
but some of the other, you know, frameworks and standards that are out there.
And it really is, okay, what makes the most sense? And you always want to, as part of that exercise, it's important to kind of do a, really a security technology review.
To also understand what tools have we already invested in?
What we find a lot of times is organizations have done a pretty good job of investing in tools.
have done a pretty good job of investing in tools.
They've generally not done a very good job of integrating those into their environments
where they actually add the value that they're expecting.
And particularly in larger organizations,
oftentimes we'll see where they may have bought,
for all the right reasons as far as intentions,
but they may have bought three or four or five different products
that really are all fairly kind of duplicative
in a functionality standpoint.
So where it's helpful to really base that off of a framework,
more of an objective exercise,
is it allows you to then align to meet this specific to meet this, you know, this specific requirement.
Here are the tools that we have in our toolkit.
And it really allows you to kind of objectively categorize those, identify, you know, identify,
categorize, and then figure out, do we really need these four things?
Or is there one, you know, that's kind of best in breed that we really need to focus
on?
And it also allows you or really enables you to identify gaps.
You know, so maybe you thought, or maybe an organization thought that there was a particular tool or suite
of tools that was helping them achieve a specific requirement. And reality is when they go through
that exercise, inevitably there's gaps or kind of blind spots. And so that then helps them figure
out, is there a tool
that they've already invested in that could potentially be leveraged to fill in that gap?
Or do we need to go look at, you know, a new piece of technology or a new partner? You know, again,
there's lots of ways to kind of solve things. Do people tend to fall into a rut of momentum that,
you know, we're using this tool, we've been using this tool for a long time,
our folks know how to use this tool. And so, you know, there's that natural,
I think, impulse to resist change. Yeah, absolutely. Definitely, you know,
most IT organizations, the tools that they've invested in, they've, you know, put training,
you know, folks through training, they've got, you They've put folks through training.
They've got probably a significant amount
of hands-on experience with the tool or set of tools,
depending on how long it's been in their environment.
And so I think it's unfortunate,
but I think it's probably not too surprising
that a lot of IT organizations or security organizations within at least the clients that we deal with are hesitant to kind of look outside, look at new products, look at new ways of doing things.
One thing that's, I think, helped in one sense is as organizations are rapidly kind of migrating towards more cloud-based environments.
A lot of the, what I'll call legacy IT or legacy security tools, you know, aren't really
designed to effectively operate in those types of environments. And so it's really forced them
to look at really a whole new set of technology to be able to perform a lot of the same functions
that they were using, again, more of the legacy toolset, if you will.
And where it gets even more complex is when they've really got to both, if they have a
hybrid environment, they've really got to kind of balance both.
So maybe they're not going to have to abandon their legacy toolset, but they may also then have to adopt a whole second or additional tool set
to really focus on cloud security and cloud management.
How do you advise them in terms of dialing in those numbers, the percentages of their spend
on things like detection versus containment versus prevention.
You know, how do you evaluate what the best mix would be for any individual client of yours?
Yeah, it's really important.
I mean, that's a key point.
It's really important to, again, align the tools and the spend,
kind of the value that it brings with, you know,
tie that to the risk that brings with, you know, tie that to the risk
that it is, you know, hopefully helping to mitigate and or, you know, accelerate the time
to discovery, if you will. And again, I think it's something that we see organizations often do is
they forget that at the end of the day, really what they're trying to do is protect the data
that exists within their organization. And so if you look at it from a kind of a data risk
perspective and really a tool optimization perspective, it's important to quantify the
value and kind of in the role or of the role that the individual tools play. Not all are created equal. And so part of that kind of assessment
or using the framework
is also really trying to articulate
and understand the value that the tool brings
and really kind of how it fits into the different categories.
Again, the NIST cybersecurity framework is a great example
where you've got the five categories and it's very easy to allocate or bucket tools into the role or
the support role, if you will, that they have. One of the most valuable things, which will probably
sound very basic, but it's always amazing to me how few organizations even have an inventory of all of their tools.
And not even just security related tools, but, you know, just an inventory of all of their, you know, tools that they use to run their business.
Oftentimes it doesn't exist. And so that's one of the first things that we'll do.
And so that's one of the first things that we'll do. And as we're doing that, we'll then also want to understand, you the variety of costs of those tools. Do you
think that we're in a state here where most businesses, most organizations can find an
appropriate level of protection that falls within what they're able to spend?
I think with the advent of managed security services, which have been around for a number
of years, but I think are really kind of coming into their own, we're at the point where a
significant percentage of our small to mid-sized clients are, for some of the more basic kind of security products, things like antivirus, anti-malware,
some email filtering, those types of things. They're still investing in those and
potentially managing those locally. But where they're really adding some sophisticated
security capabilities at very reasonable price points is when they're going to more than manage security services route.
So, you know, managed detection response,
endpoint detection response,
those types of offerings that allow them to, you know,
benefit from security infrastructure
that is comparable to an enterprise-level organization, but at
very attractive price points.
I think a lot of the managed security service providers have done a good job of becoming
more competitive from a pricing perspective.
I think they've had to.
I know we are seeing a significant uptick in not only interest, but also onboarding new clients specifically around managed security services. even more resource intensive to properly, you know, protect and defend endpoints, you know,
which are right now extremely distributed in most organizations. I don't see a lot of at the small
to midsize level sort of product buys, I would say, again, just because I think there's a good
understanding now that it's not just buying the product, but you have the folks that have the
ability, you know, the knowledge and the skills that are necessary to actually operate and maintain
those tools.
And, you know, it's not, you know, fair to assume that if you're, you know, if an organization
is using some type of outsourced IT provider, you know, odds are that they probably are
limited or have a fairly limited set of security tools
and skills as well.
And so again, that's where we kind of see,
we're seeing more and more of a,
what I'll call a layered approach
where they're still using a firm
for more traditional kind of IT support, IT help desk,
but then they're layering on top of that,
a more purpose-built kind of managed
security service. And we're also seeing, which is interesting, a similar approach,
but for different reasons at the more enterprise level. And they're using the managed security
services, and they, you know, in most cases have pretty robust internal security teams,
but they're using those, you know, managed security service
providers as really, you know, sort of supplements or complements to their existing in-house
teams.
So really, you know, kind of a reserve force, if you will, that they can call in and leverage
as appropriate.
What are your recommendations in terms of organizations kind of taking stock and having an audit of the tools that they're using to take a look and make sure that they're properly calibrated?
you know, has the organization invested in. A lot of times we find with organizations that have been in business for a while, you know, people come and go, that's just inevitable in,
you know, today's economy. And so we oftentimes find organizations have invested in tools and,
you know, the accounts payable or, you know, just continues to process invoices and stuff.
And so we wind up with kind of this layered approach
of, if you will, of tools that have just kind of continued to grow. And as new folks have come in,
they're buying their own. So really, the first thing is just really understanding
kind of the full suite of tools that the organization's invested in. And then even
more specifically within that inventory, understanding how the organization is using the specific functionality that those tools bring.
Just because a tool can do 100 things, role that they are playing in the organization,
the cost associated with those, and really kind of the value that they bring to the organization.
And once you have that data or that information pulled together, then you can start to really say,
okay, you know, relative to kind of the best practices that are out there on
the full set of capabilities that we need to have, where do we have gaps, where do we have,
you know, redundancies? And, and I think this is the piece that a lot of people miss, you know,
what are the threats and risks that are out there that are specific to us? And what should we be
building our program to defend against, really? Because there's a
million threats that are out there. It doesn't mean that they're all equally probable or impactful
to an organization. And so tying all this together is really important. And, one of the outputs is really that a well thought out, you know, sort of security technology architecture that clearly articulates how everything fits into the program, the benefits of it, the role that it plays.
And again, identifying where there are gaps, where we need to bring in a partner or where it maybe makes sense.
where we knew you need to bring in a partner or where it maybe makes sense.
Or it also can lead into, hey, we're spending $100,000 on this tool and we have to manage it ourselves.
Is there a better option?
Could we reduce that cost from $100,000 to $50,000
by going with some kind of a managed service
and not only reducing our costs but getting a a better, you know, a really sort
of a better product for it, if you will.
We've got folks that are, you know, behind the monitors.
This is what they're doing 100% of their time.
And it, you know, offloads in some cases, internal resources, which they can then deploy
for other higher priority.
That was Robert Olson from Ancora. Up next, we'll hear from our show's sponsor, Steve Salinas from Deep Instinct.
Well, I mean, I think the first and foremost for any security team, security organization,
is to ensure that whatever business or entity that they're supporting can do what they need to do.
So you want to make sure that you're not going to inhibit business.
If you're like a retail organization, that people can go to your website and buy products, news, whatever it might be, you're there to support the business.
But you have a really difficult job, though, because you need to support the business, but you also need to keep it secure because you could support the business by having no security.
And then all your data is being stolen and tons of bad things are going on.
But the business is continuing, at least for a while. Obviously, that's not the approach they want to take.
A lot of organizations will take a very conservative
approach to building their security
infrastructure or approach. A lot of it
comes back to just based on the people that are running it and what has happened
over the history of cybersecurity. Let's think about it. Have we ever seen any sort of prevention solution
be 100% effective all the time? No, it's not possible, right? So a very conservative approach
would be, you know what, I'm going to invest some money in prevention because I have to,
but I'm going to focus my efforts on making sure that I
have the best detection tools available and I'm able to respond as fast as possible. What they
really want to do is drive down what you might call dwell time or the time between when an attack
is identified and they can actually take some action to stop it. And I think that's been the
driving force for quite a while. But it's really interesting, as time has progressed,
the cybersecurity vendor market space has gotten huge.
If you think about over the last couple of years, hundreds and hundreds of new options
are now available to these security decision makers.
So they don't have an easy job. They have lots and lots of technology they can choose from.
Their budgets, while a lot of them, I think, have benefited from slightly higher or maybe even a lot
higher budgets, you know, you're almost presented with this unending menu of options to secure your
environment. So it's a pretty daunting task. You know, it sort of reminds me of someone
faced with the task of protecting, for example, a retail store.
As you describe, obviously I don't want people walking off with my inventory out of my store.
But at the same time, if I make this place so unpleasant to shop in,
if I'm patting down everyone as they come in and out of my store,
well, people aren't going to want to come there.
And so it also strikes me that, you know, something that all retailers deal with is a certain amount of, I think they refer to it as shrinkage.
You know, where, yeah, some things are going to walk out the door and you need to deal with that.
I mean, are we in a kind of a similar place when it comes to data?
Is there a place for that kind of acceptance that, you know,
nothing's 100%? Sometimes things are going to happen? Well, I think there is. And I think
that's where we have to help the security decision makers in minimizing that. Because, I mean, yeah,
they're going to operate with some level of risk. So one good example is, think about logins,
right? So when you log in your computer, and I do it all the time, I mistype my password.
I probably do it three times a day.
Now, you could put a rule in place like, oh, mistype password.
After two times, lock the computer.
Well, you know what you're going to end up with is a bunch of employees that are calling the help desk, irate.
They can't get their job done.
They're on the road.
So no one wants to do that. So there's a level of risk
that most organizations are going to be okay with. Even maybe 10 failed
logins is okay, maybe even 20. And they know
that some of those potentially could be an attacker trying to
infiltrate the organization, but at the same time they have
other controls in place to try to detect that stuff. So yeah, you know, infiltrate the organization. But at the same time, they have other controls in place to try to detect that stuff.
So, yeah, you're going to operate with some level of risk.
And, you know, what we do at Deep Instinct, we are a prevention-first cybersecurity company.
So I think when you think about risk, I think a lot of people right now are probably a little too comfortable
with the underperformance of their prevention technologies they have in place
for a number of different reasons, because of the hassle of changing them,
or for the belief that they can't get any better.
But, you know, it's not uncommon for an AV solution that's in place,
especially a legacy, or even a next-gen, to have an efficacy that is significantly lower than 100%, like way lower. But they're okay with that. And the way that they mitigated
it is building a defense in depth strategy with lots of
detection response tools, but then it can kind of get really cumbersome. And over time,
and I think that's what we see today, is that they've built these
really complex security stacks that are kind of getting unwieldy
and harder to manage every day.
I'm glad you brought that up because that's actually where I was going to go.
I was going to ask you about defense in depth and what leads to that.
I mean, I can see the appeal of having a bunch of different things in place
and being able to sort of turn those knobs on the various defenses that I have
to try to customize something
that best suits my environment. Well, I think a lot of times, a lot of the innovation that comes
out of cybersecurity is because of lacking of previous technologies that were delivered.
So you could go all the way back to like just basic antivirus. Back in the day when the number
of threats were small, did a pretty good job. As threats started to evolve and change,
AV started to fail,
then you had next-gen AV come in.
And that's what a lot of people use today.
But then even with next-gen AV,
there's like a gap there.
So what do you see?
You see things like endpoint detection and response
or the newest one being XDR,
kind of like across your environment,
detection and response.
But then you start to see,
you know, the good news, I think,
is there's not a lot of ideas.
The cybersecurity, the people that deliver products and services,
tons of great ideas to kind of fill in those gaps.
And I think it's all delivered with the best intent.
But as the consumer of all this different technology,
wow, it can really get to where before you know it, you have 50 products
and you have 10 different agents deployed. You have 12 different management consoles.
And you're like, whoa, all this stuff is like, how am I going to manage all this together?
So I think that's how you end up with this. And defense in depth, I think, is the right
approach, but it's got to be the right depth. You don't want to get too
enamored with the latest and greatest
technology that's coming out, but look at the core foundation of your
stack. Is it built on a really strong foundation that's going
to give you the fewest gaps, I guess is one way to put it.
Do you suppose that, I mean, are there chief security officers
who find themselves sort of playing defensively to say, if something happens, I want to have a whole array of products in place so that when I'm asked, hey, you know, how did this, I don't want to get caught with having something happen and somebody say, why didn't you have a product in place that could defend us against this? That's a really good point. I think you definitely
see that from security teams and companies that we talk to. I mean, you go into, like I say,
you go into some companies and they have every product that you could think of. It's like, wow,
you guys are really well-funded. And a lot of it comes from that, like, hey, we're going to get the
budget, we're going to bring in the technology. And I do see that point.
But at the same time, and you see some of the bigger breaches that have occurred
over the last few years, the really sad part about it is the technology
they had in place actually saw it. It identified it. It identified
that there was some suspicious thing that happened. But you know what? It got lost
in the sea of other alerts.
So the intent and the idea that, you know what,
I want to really cover all my bases is the right idea.
But I think how their bases are being covered,
that's what we want to try to do.
The real way you're going to solve
or make some impactful change
in the way you secure your
environment is to really kind of take a step back. Let's start from the beginning. And I think most
security practitioners would think, all right, the first thing I want to do is try to prevent as much
as I can. All right, so let me look at this tool here. What am I doing here? Am I preventing as
much as I can? Okay, fine. Maybe I do prevent
it a lot and I'm comfortable with it. And then start to build on top of that. You want, for me,
my approach would be lean and mean, right? Let's get only the things we need and let's make sure
that we can really use them. No, there's no point in bringing in technology that's too complicated
to use, right? That's just not going to help you get to where you need to go. Well, when you say
prevention, I mean, dig into that for me. What exactly, what does that cover? So yeah, that's a really good question
because I think prevention means a lot of things to a lot of different people. When you think about
preventing, we're, we are trying to think about like the, the kill chain or like how an attack
takes place. Prevention means you want to prevent it as close to the beginning of the attack chain as possible.
So take a very basic example.
Let's say that someone has sent you a phishing email.
So ideally, once the email comes into your inbox, you would want to have the ability for whatever some sort of technology to say, you know what, this email has a URL in it or it has an attachment that I right now,
I can tell that this is malicious. So I'm going to go ahead and remove that from your inbox.
I might send you a little notification. The security team gets a notification. And guess
what? I have prevented that phishing attack before it even had a chance to cause problems.
So that's like a really basic example of prevention. As opposed to, I mean, let's walk
through a different possibility on that same sort of phishing attack.
What would, I'm thinking of things like detection and containment.
How would that play out differently?
Sure.
So let's kind of, yeah, let's move forward.
So the very earliest one would be that.
I remove it from your inbox.
Let's say I don't.
And let's say that the employee is working and they pop open and, oh, yeah, I'm expecting this PDF from this person.
And they just kind of open it up now the attack has has silently initiated but you can still prevent
right maybe the the damage has not occurred yet so maybe there's some sort of a runtime prevention
that can occur right so you see what's been loaded into memory and you identify oh this is malicious
you stop it well let's say that doesn't happen either. And let's say that some scripts start running.
So you can use something like a script control that's monitoring for suspicious behaviors from scripts.
So as certain things start to happen in scripts, boom, okay, now we identify it and we stop it.
But let's even say that doesn't happen.
Now the attack is underway.
But you notice that, all right, there's some weird traffic on my network,
some command and control, it looks like command and control traffic. Now you have something else
there. So, I mean, I think everywhere along the line there, you can make the argument, all of that
is prevention. I guess the one way that you would not prevent is if the employee gets the phishing
email, they open it, they open the PDF, the attack starts, the command and control communication starts, the attacker steals a whole
bunch of data, and then they leave. And no one ever knew what happened.
Right, right. So how do
you recommend that folks come at this
from a budgeting point of view?
What do you think the wise approach is?
Well, I think the best approach is to, as much as possible, try to get fresh eyes on what you have
in front of you, right? And look at the tools that are in place, the processes you have,
the resources you have available. It's really tough right now to find additional, you know, skilled security analysts.
So the people you have are extremely important.
They're always going to be the most important part of your team.
And then look at the budget you have and try to sketch out, like, where are all of the, like, in your current security stack,
if you did some analysis, you could probably identify where a lot of the alerts are coming from.
Right?
So there are some things in there that just might not be working correctly.
Maybe they need to be tuned.
Other things to do, and like we always would recommend, is to look at that,
depending on how you look at it, at your prevention technology that you have in place.
And deep inside, like I said, we are a prevention first cybersecurity company,
but we do offer detection response as well. But we do believe the best approach is to prevent,
prevent as much as you can up front. So look and see how is that prevention control you have in place working. And I would say if it's not, if it's not giving you a really nice efficacy out
of that, there are so many different options in place. Obviously we like what we deliver,
but you should go out and investigate and look at see can i replace this with something that is
better more streamlined optimized and and tuned better for today's attacks so that's what i would
do i would take that evaluation and then we're certainly saying you're going to want detection
response tools you're going to want to have a nice defense into depth strategy but i think if you're able to i kind of look at it look at it as like a net right if you
think about your prevention that you can do at first it's like a net now you want your net to
have very small holes in it i guess maybe not the best analogy but like if you're trying to like i
don't know clean your pool or something you know you want to be able to catch a lot of stuff right
with this net but if it has big gaping holes in it it's not going to catch a lot right you're trying to like, I don't know, clean your pool or something, you know, you want to be able to catch a lot of stuff, right, with this net. But if it has big gaping holes in it, it's not going
to catch a lot, right? You're going to end up with a lot of holes that you have to go back and figure
out, well, how am I going to find this other stuff, right? So try to get that as solid as you can,
test it, right? Bring it in-house, run it through its paces and see if it's going to be,
meet your needs. And I also recognize that a lot of
security decision makers don't necessarily have a ton of time, right? Because the part of the
problem is if a big bad breach does happen or a compromise happens, one of the natural things
that can occur is that people get replaced and leadership changes, right? So you want to try to
do this fast and effectively,
but the good news for the security decision makers is you do have a lot of options. You don't have
to feel stuck with what you have in your security stack today. You can replace that stuff and you
can replace it easily, faster than ever before. And it's very competitive and you probably get
a good price for it. Where do you think we're headed? Is the word getting out? Are folks taking a better approach to this? The evolution, is it heading in the direction that
you think it needs to? Well, I think that you're seeing lots of different ways to secure an
environment. Security decision makers are getting smarter and smarter every day. And I think there's
a lot of built-in from their work in the field, understanding what needs to be done. And I think there's a lot of built-in from their work in the field,
understanding what needs to be done.
And I think what we're seeing is kind of some refinement
on these different technologies.
You see a lot right now that happens, and this happens on a fairly regular basis.
You end up with some consolidation.
So bigger security vendors consolidate, and then you have kind of a better solution.
So one of the things I think we're going to see more and more and more is how the
technology and the human expertise are blending together. I think what we're going to see over time
is more tools that are really helping drive the decision.
The security analyst and the security expert, they're still obviously
integral in the flow, and that's not going to change. But they need
help. And that's what they need their technology to do. I think what you're going to see
over time are these lean, mean security stacks that have a lot
of autonomous decision capabilities built in.
The continued evolution of technologies like we're using, deep learning
to solve these more complicated challenges and identify more complex threats.
So you're going to have these security analysts that are able to really put their experience and their knowledge to better use.
At least that's our hope.
And I think we'll get there.
Thank you. where they're co-building the next generation of cybersecurity startups and technologies. Our coordinating producer is Jennifer Iben.
Our executive editor is Peter Kilby.
And I'm Dave Bittner.
Thanks for listening.