Dr. Johnson outlines three proactive security measures that you can do right now to spot the adversary:

1. Hunting: Assume you’re compromised; take the offense. Breaches are based on three things; a visible IP, an open port, and a vulnerable service. Focus your efforts there.
2. Zero Trust Model: Our innate nature is to trust and love. Think in terms of whitelisting instead of trusting. Whitelisting means someone asks permission to access before you grant the ability to access the network. The default can no longer be that if you’re in the network, then you are trusted. Trust must be earned.
3. Cognitive Security: Allow products to do things for us. Also known as advanced automation, it’s the most disruptive part of proactive measure. Allow systems to think and do. Right now they think and learn to analyze for us, then wait for a human to react. Let the machine close ports and blocking IPs. Let your people use their intelligence and creativity to keep you ahead of the adversary.

“The world is moving fast. The world is complicated … There are a tsunami of devices being lit, turned on, communicating back,” Dov Yoran, Senior Director of the Security Business Group at Cisco, explained at a recent security summit. “These things aren’t necessarily built with security in mind.”

Dov walks through the challenges and complexities of operating in today’s environment, and how it’s evolved through the years. What has changed? Why is it more difficult?

Inevitably, you will have a security breach, some sort of malware will bypass your company’s firewall or antivirus program. What can be done to mitigate the aftermath? In his talk titled “Changing the Security Equation,” he discusses how security teams can address these challenges to secure their corporate IT environments better.

“Can we take snippets of machine learning and big data and other analytics, platforms, to make us smarter?” he asks rhetorically. “Can we automate these things to bring the balance to our security teams that are protecting our infrastructure, and, of course, the people that are using it?”

Candace Worley, Chief Technical Strategist for McAfee, says security professionals have traditionally been in a quandary over how and when to use automation in their security practice. Fifteen years ago, the majority of the workforce was confined to desks on premises. Today, with mobility, remote workers, and even employees’ desire to “bring your own device,” the technical environment is increasingly difficult to control. Automation seems to be the best way out.

In a digital world where threats change often and come faster than ever before, finding the right talent is increasingly difficult. Add to that the sheer volume of data that must be analyzed, and the limits of human capacity to sift through it.

Do we still have the luxury of seeing automation as a risk too great to employ on a broad scale? Candace identified three factors that play into the Chief Information Security Officer’s willingness to view automation as a solution, rather than viewing it as a threat.

1. The ever present and global nature of the security threats against their organizations.
2. The overwhelming and increasing amount of data that needs to be tracked, processed and protected.
3. The complexity of the IT environment.

Information security professionals must look at automation as a medium through which some of their problems can be solved.

“Machines are extremely good at analyzing large groups of data in a rapid amount of time,” she said. “Humans can come in with strategic intellect, look at the context of the data, and interpret it.”

Self-driving trucks are not programmed; they are taught. And so it goes, too, with drones, delivery robots, robotics, and the entire world of connected devices.

“Despite the history of security breaches, [organizations] are getting better at this,” Steve Hoover, former Chief Technology Officer at Xerox explains. “We are entering a big step forward in terms of the value, kinds of data, and amount of data that is at risk.”

Back to the truck example. The autonomous systems learn how to recognize safe and unsafe things in the world, and they make decisions on their own.

“When we think of cyber security,” Steve said, “we cannot think about systems that are static. We are dealing with systems that are changing their behavior in response to the world around them.”

So, how do you teach a machine? Your children serve as a metaphor. You teach them to make good choices, and how to learn the right behaviors that will keep them (and others) safe.

“We have to take drastically different approached to security,” added Ersin Uzun, who joins Steve in the video, above. Ersin, director of the System Sciences Laboratory at PARC, points out that no system can have a predetermined response for every situation it might face in an unpredictable environment.

“Not only should systems be self-reconfiguring,” Ersin said, “they must also be able to detect problems and recover from them.”

Indeed, the future has arrived. But the necessity for data protection and security will never go away.