The Security Ledger Podcast

The Security Ledger Podcast


Spotlight Podcast: Security Automation is (and isn’t) the Future of Infosec

September 18, 2019

In this Spotlight Podcast, we speak with David Brumley, the Chief Executive Officer at the security firm ForAllSecure and a professor of Computer Science at Carnegie Mellon University.


Brumley is a noted expert on the use of machine learning and automation to cyber security problems. In this podcast, we talk about the growing demand for security automation tools and how the chronic cyber security talent shortage in North America and elsewhere is driving investment in automation.


In this interview, David and I talk about the potential and pitfalls of using machine learning and artificial intelligence in cyber security. We also talk about what’s driving the adoption of AI and machine learning technologies in the information security field. Namely: a chronic cyber security talent shortage globally and especially in North America, the EU and other advanced economies.


As both an entrepreneur and a teacher, Brumley has a unique perspective on the problem. He sees the future of AI and machine learning as intimately bound up with the difficulty of fielding cyber security talent.


“Computer security is not a known field to the high school student…even though its highly paid, tons of jobs, great career paths. We need to fix that problem,” Brumley told me. Capture the flag contests and cyber challenges like the one that launched his company are a great way to get young people interested in cyber security as a career. However, filling the talent pipeline is a long term solution, and one we’re not even moving toward very quickly.


In the meantime, the answer is automation, powered by machine learning technology, which Brumley says companies like Google, Facebook and others are leveraging heavily to improve the security of their platforms.