“There’s a huge security skills gap,” warns Dwayne Melançon, VP of Product at iovation in our conversation at the 2017 RSA Conference in San Francisco. “The trouble is that universities are currently not producing workforce-ready people.”
In a recent article on Tripwire, where he formerly worked as CTO, Melancon elaborates on the thorny issue of how to produce a security-aware workforce.
“As we know, quite a few high-profile breaches have come about because of successful phishing attacks. Many organizations have spent a lot of time and money on “securing the human” with just these sorts of attacks in mind, yet the problem is getting worse. And we’re not just talking about harvesting information from employees – this is a common vector for malware payloads that allow remote access to your network, or exfiltrate valuable data to your attackers.”
Watch the full video interview with Dwayne Melancon here:
VIDEO: Dwayne Melancon Interviewed by Cylance at RSA 2017
Machine Learning vs. Human Training
The answer in bridging that skills and awareness gap may lie, surprisingly, with machines. He advises CISOs to look to machines and machine learning as a tool to help secure an inherently insecure workforce. “Machines are consistent. People are not,” he adds. “If you had a machine-oriented way to train your staff, you could get them to perform in a more consistent way, to ensure the safety of your organization.”
He adds that the ability to analyze huge overwhelming amounts of data very quickly and at least segment it into smaller buckets of data that a human needs to look at, is one of the top benefits of using machine learning within a business or organization.
“One of the challenges we have today is that the amount of information we have is overwhelming,” Melancon goes on. (Read more...)
*** This is a Security Bloggers Network syndicated blog from Cylance Blog authored by Cylance Videos. Read the original post at: https://threatmatrix.cylance.com/en_us/home/dwayne-melancon-machines-and-security-staff.html