Vlabs’ approach to delivering effective analytics lies in understanding how to combine human and machine capabilities. The human mind remains unbeatable in contextual analysis, business knowledge, intrinsic intuition and general problem solving. Machines, by contrast, are very good at task automation, processing at scale, data joins, statistical analysis (i.e. unsupervised learning) and trained (i.e. supervised learning) techniques.
The effectiveness of a cyber security analytic solution ultimately lies in the operator’s ability to make use of the advanced functionality available in the software. With that comes a paradox: the more capable the analytic system is, the more difficult it can be to use.
Security Operations Challenges
- Information overload – operators have to track numerous data points
- Lack of time – operators are often forced to make quick judgments
- Insufficient skills – operators need to process complicated network engineering and cyber analytic information
Decision Making Process
- Evidence – decomposition of situational complexity
- Hypothesis – connecting the dots
- Investigation – following the logic