- Instead of catching a reader’s attention, a hacker is trying to find a way into a network.
- Keeping you interested would equate to lateral movement.
- And the logical conclusion would be the exfiltration of data (or any other nefarious goal).
Why do we, as humans, think that we can eliminate human creativity, insight and inspiration from the process of defending a network from attacking human creativity, insight and inspiration? Cyber security is a contest between human intelligence, not computers — all malware was written, and changed, or programmed to change, by a human. Frankly, it takes even more creativity, insight and inspiration to defend a modern, almost infinite attack surface network than it does to penetrate it. I think we all believe that the attackers have more resources than defenders (especially when considering state actors going after corporations). So even if we were able to create some sort of super smart AI that could defend a network, wouldn’t the attackers be able to create a super duper smart AI to penetrate it? Logically, this points back to the contest that defines cyber-security: an ongoing one-upmanship game between creative, insightful and inspired humans.Even in Ray Kurzweil’s inspired book, ‘The Singularity is Near‘, wherein he posits that by 2029, computers will pass the Turing Test, and by the early 2030’s they’ll exceed the “capacity of all living biological human intelligence” he provides no logical argument (that I could see in an otherwise incredibly well argued thesis) that these computers will show an ounce of true creativity or inspiration. Well … yes, brute force iterations using infinite computing resource might overcome the power of human intelligence eventually. (Does that mean they’re truly creative? That’s a philosophical debate for a different blog series.) But until that occurs, and at least until 2029 if you believe Kurzweil – a life time in the tech industry – I think CISOs, security architects, cyber analysts, incident responders, and network hunters will be quite safe.