Instilling Creativity into Cybersecurity

Posted by Darien Kindlund on August 18, 2018

When you think about cybersecurity, the last word you might associate with it is creativity. But threat hunting is anything but black and white. It’s a world of color that requires inquisitive minds to constantly think about things in new ways. As technology evolves and hackers become more innovative, analysts need to be quick on their feet and nimble in their thought process to find and neutralize threats efficiently. And if they don’t, well, you could be on the cusp of having another Equifax on your hands.

Attackers aren’t machines; they’re people, and they’re people with the ability to think creatively to find previously unused access points and ways to attack a system. So why shouldn’t our security teams have the same freedom of thought when hunting them down?

To be clear, being creative in cybersecurity is no easy task. The time and effort it takes to write one SPL query alone is constricting, and the rigid frameworks most organizations work within don’t allow for much free thinking. But as technology continues to advance, artificial intelligence (AI) and human intelligence (HI) are being combined by forward-thinking, innovative companies for more strategic approaches to the issue. Security teams need to be given the tools to explore the dark corners of their systems with new and independent thinking — the kind that traditional, lengthy queries just don’t allow.

A Culture of Curiosity

First and foremost, instilling a culture of data curiosity and continuous learning is key to increasing creativity within your cybersecurity organization. Reinforcing the importance of thinking outside the lines is what will inspire your analysts to feel comfortable tackling things in new ways. This opens a door to more data exploration and asking new questions, leading to more valuable outcomes.

Natural Language Processing (NLP) is, in essence, a path to innovative thinking. Getting complex query writing out of the way and letting your team ask straightforward questions of your data allows analysts to iterate more, and generally get to the point faster. If your team could communicate with data the same way they communicate with each other, a whole new level of data curiosity would be unleashed, setting intelligence gathering free.

An additional consequence of this is that it will lead to significantly higher satisfaction levels among security data analysts, a role that is in high demand and short supply. By empowering them to use their knowledge and intuition more freely, these analysts can be the data hunters and problem solvers they want and are trained to be. This helps attract and retain more analysts to help fight cybersecurity threats.

The moral of the story is simply this: the old way of running cybersecurity operations just isn’t flexible enough to allow the freedom to do it effectively. Only by breaking down the traditional frameworks can we explore data in truly innovative ways, understand how to detect threats, and enhance security efficacy — all by getting a little more creative.