Future of SOC
A frequent topic I am asked about is what the future of the SOC looks like. At first glance, this seems like a simple question – but scratch beneath the surface and it’s actually really complex. Cybersecurity does not exist in its own little pocket universe. Instead, what happens in security operations is driven mainly by external factors – the economy and macro-economics, internal, external and geopolitics, social and cultural trends, fashions, and of course, natural disasters like pandemics. There is no future of the SOC independent of the Future. So if you want to talk about the future of security operations, you really have to make a whole series of predictions and assumptions about the world in general .That’s what makes futurism and trend analysis so difficult. Good futurology synthesises trends from all and any relevant domains and fields into a coherent whole.
It doesn’t help that humans are incredibly bad at predicting the future, especially when trying to understand complex issues. We can even empirically study how bad we are at predicting, with definitions for a range of fun and scary cognitive fallacies, like the optimism or recency biases, not to mention the Duning-Kruger effect. Worst of all – even being aware of these pitfalls doesn’t necessarily help prevent succumbing to them.
Case in point, how will Artificial Intelligence develop in the near term, and how will this impact us as security planners and practitioners?
As I write this, Microsoft just announced their Cybersecurity Copilot, a personal AI assistant for security analysts, with industry analysts cautiously declaring that “AI Finally Does More Than Enhance Detection”.
Source: Security Week