Cybersecurity defenses are not suitable for democratization
In the rapidly evolving landscape of cybersecurity, a new approach is emerging. Regular attack simulations are being conducted to focus efforts on the attack paths that matter most, as the goal is not just to identify vulnerabilities, but to understand which combinations of security gaps pose the greatest risk and why.
This shift in strategy is driven by the need for a proactive defense, adopting an attacker mindset in defense operations. By automating and speeding up these processes, security teams can gain a deeper understanding of which security gaps pose the greatest risk, helping them to prioritize their efforts effectively.
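One way to turn "which combinations of security gaps pose the greatest risk" into a concrete prioritization step is to model each finding as an edge in an asset graph and rank findings by the complete attack paths they sit on. The following is an added example written for this page; it is not code from the article or from any product it mentions, and the findings, asset names and the `internet` / `prod-db` entry and crown-jewel nodes are constructed sample data. A finding that appears on every path is a choke point, and the smallest hitting set of findings is the cheapest remediation that severs all paths.

```python
"""Rank cloud findings by the attack paths (entry point -> crown jewel) they enable.

Added example with constructed data: each finding is an edge an attacker could
traverse from one asset to another. Findings are scored by the number of
complete paths running through them; a finding on every path is a choke point.
"""
from collections import defaultdict
from itertools import combinations

# Constructed sample findings (hypothetical, not from a real environment):
# (source asset, target asset, finding id, description)
FINDINGS = [
    ("internet", "web-lb",     "F1", "public load balancer"),
    ("web-lb",   "app-vm",     "F2", "unpatched app server"),
    ("app-vm",   "iam-role",   "F3", "over-privileged instance role"),
    ("internet", "bastion",    "F4", "SSH open to 0.0.0.0/0"),
    ("bastion",  "iam-role",   "F5", "admin key reused on bastion"),
    ("iam-role", "prod-db",    "F6", "role can read prod secrets"),
    ("app-vm",   "dev-bucket", "F7", "world-readable dev bucket"),
]


def build_graph(findings):
    """Adjacency list: asset -> [(next asset, finding id that enables the hop)]."""
    graph = defaultdict(list)
    for src, dst, fid, _desc in findings:
        graph[src].append((dst, fid))
    return graph


def enumerate_paths(graph, entry, crown_jewel):
    """Every simple path from entry to crown_jewel, as a list of finding ids."""
    paths = []

    def walk(node, visited, trail):
        if node == crown_jewel:
            paths.append(list(trail))
            return
        for nxt, fid in graph.get(node, []):
            if nxt not in visited:  # simple paths only: never revisit an asset
                walk(nxt, visited | {nxt}, trail + [fid])

    walk(entry, {entry}, [])
    return paths


def score_findings(findings, paths):
    """Per finding, how many complete attack paths run through it (0 = noise)."""
    counts = {fid: 0 for _, _, fid, _ in findings}
    for path in paths:
        for fid in path:
            counts[fid] += 1
    return counts


def choke_points(paths):
    """Findings present on every path: fixing any one of them severs all paths."""
    if not paths:
        return set()
    return set.intersection(*(set(p) for p in paths))


def smallest_fix_set(paths, max_size=3):
    """Smallest combination of findings whose remediation removes every path
    (brute-force hitting set, fine for the handful of findings on one crown jewel)."""
    if not paths:
        return []
    ids = sorted({fid for p in paths for fid in p})
    for size in range(1, max_size + 1):
        for combo in combinations(ids, size):
            if all(set(combo) & set(p) for p in paths):
                return list(combo)
    return None  # no fix set within max_size


def rank_findings(findings, entry, crown_jewel):
    """Findings sorted by path count (descending), then id; the queue to hand DevOps."""
    paths = enumerate_paths(build_graph(findings), entry, crown_jewel)
    counts = score_findings(findings, paths)
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    graph = build_graph(FINDINGS)
    paths = enumerate_paths(graph, "internet", "prod-db")
    print("attack paths:", paths)
    print("ranked:", rank_findings(FINDINGS, "internet", "prod-db"))
    print("choke points:", choke_points(paths))
    print("smallest fix set:", smallest_fix_set(paths))
```

On the constructed data two paths reach `prod-db`, both through `F6`, so `F6` is the single choke point and the one-item fix set, while `F7` (a dead-end bucket) scores zero and can be queued behind the path-bearing findings. Real CNAPP output would replace the hard-coded list with the tool's relationships, and the path enumeration would need pruning for large graphs, but the ranking logic is the same.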
The role of the security team is also being reframed. Rather than acting as gatekeepers, they are being positioned as prosecutors, focusing on threat validation that provides DevOps teams with evidence to address issues. However, the DevOps team, already juggling multiple responsibilities, must context-switch to understand the security implications of a finding, often under strict Service Level Agreements (SLAs).
The current shift-left security model is collapsing under the avalanche of alerts generated by cloud security tools. The shift-left approach has deputized developers to handle remediation, but this has created a dynamic where security is accountable for risk yet lacks authority over the environment. To address this, the security team should not delegate the drudgework of threat validation to DevOps teams, but should instead apply AI to time-consuming, error-prone manual processes such as alert validation.
In Germany, organizations and companies are actively engaging in the development and promotion of AI tools to improve automated and efficient detection and validation of security risks in cloud environments. Google Cloud, OPSWAT, Armis Labs, and the German Federal Office for Information Security (BSI) are among those leading this charge.
The democratization of AI has also increased the number of people capable of carrying out sophisticated attacks. To counteract this, lowering the noise of cloud-native application protection platforms (CNAPPs) and raising the bar for threat validation is a key strategy for increasing collaboration between security and DevOps.
In conclusion, the best defense in cybersecurity is considered to be a good offense, and AI can help security teams consolidate their power. By focusing on contextual, weaponized risk, requiring a deeper technical analysis and a culture shift, and by automating manual, error-prone threat validation processes, security teams can regain authority and effectively protect their organizations from the increased velocity and volume of AI-driven threats.