
Automation 2.0: Measuring Security Decisions in the SOC

Swimlane CISO Michael Lyborg on AI and Transformative Trends in Security Operations
Michael Lyborg, CISO, Swimlane

Automating decision-making in the security operations center strengthens an organization's ability to detect, respond to and mitigate security threats effectively. But the focus has shifted from micro-automation to a unified platform, with emphasis on the importance of measuring key performance indicators over time to assess the effectiveness of security decisions, according to Michael Lyborg, CISO, Swimlane.


Artificial intelligence can complement security automation, but Lyborg advised a cautious approach. "You have to evaluate and assess risk. When it comes to security tooling, there's a lot of sensitive information," he said. "Test it, validate it, train it well and just continuously improve."

In this interview with Information Security Media Group at Black Hat Europe 2023, Lyborg also discussed:

  • Consolidating security tools within unified platforms for cost savings and operational efficiency;
  • The importance of well-defined processes for automation and understanding the desired outcome;
  • The risks associated with integrating AI into security automation.

For more than 15 years, Lyborg has led engineering teams and authored controls, policies, plans and procedures for various compliance certifications, including SOC2, ISO 27001 and CMMC. He has also served as an operations manager for the Marine Forces Special Operations Command, following his service as chief instructor at the Marine Forces Special Operations School and as an infantry leader of the 2nd Marine Division in the U.S. Marine Corps.


About the Author

Tony Morbin


Executive News Editor, EU

Morbin is a veteran cybersecurity and tech journalist, editor, publisher and presenter working exclusively in cybersecurity for the past decade – at ISMG, SC Magazine and IT Sec Guru. He previously covered computing, finance, risk, electronic payments, telecoms, broadband and computing, including at the Financial Times. Morbin spent seven years as an editor in the Middle East and worked on ventures covering Hong Kong and Ukraine.



