22 June 2019

Cyber Risk: Human Factors vs. Automation...

Operational Risk Management (ORM) is a growing multi-faceted mosaic comprised of people, processes, systems and external events. The risks to the enterprise are increasing at a dynamic speed and trajectory that requires the use of automated tools.

This is where risk to the enterprise may actually expand as executives and operational management rely on software to provide information assurance. The design and architecture of software needs a human-based fail-safe. It requires a human interface that allows and simultaneously requires human intervention. Has too much automation contributed to our increased levels of vulnerability?

Fortunately, the software designs have allowed for these opportunities and for a human-factor to ask "What if" questions. Those questions that may arise after an automated alert from the system tells us that something is outside the baseline parameters set for the system, the sensor or the alarm.

Now we go back to Operational Risk and the nature of thinking from a security and safety perspective. What is the continued reliance on automated systems doing to the human capital who have been charged with the over all "Standard of Care" for the enterprise?

We believe that they may have lost the ability to ask the right questions, at the right moment and with the correct contextual understanding.

What is the truth? Is it true? What evidence do we have that this is true? How do you know that the evidence is not spoiled or compromised? If we know the truth, then what do we do next? Is the software really telling us the truth?

The security and the safety of the enterprise is counting on you. And more importantly, the enterprise is asking you to question the software. The "rule-sets" that you have chosen as a result of the programmers and architects decisions can no longer be trusted.

Is our system learning? In what capacity is the system learning in context with the human interaction for judgement, intuition and ethical emotions? Are you with us? The next generation of "Cyber Security" Innovators are now at the edge of significant new breakthroughs and solutions.

"Active Defense" has been and is a controversial topic du jour, yet the next few years will be a new age of understanding, cultural bifurcations and significant global collaboration.

Our entire platform of digital trust is at stake and the conversation has finally made its way to the nation state policy levels.

Operational Risk Management (ORM) will remain a key factor in decision points for the enterprise, the consumer and the operators of critical infrastructure across the globe.

Lets work on keeping the human factor in the loop as automation continues to give us a false sense of security and safety...

No comments:

Post a Comment