Back in 1999 when I formed Counterpane Internet Security, Inc., I popularized the notion that security was a combination of people, process, and technology. Back then, it was an important notion; security back then was largely technology-only, and I was trying to push the idea that people and process needed to be incorporated into an overall security system.
This blog post argues that the IT security world has become so complicated that we need less in the way of people and process, and more technology
He’s right. People and process work on human timescales, not computer timescales. They’re important at the strategic level, and sometimes at the tactical level — but the more we can capture and automate that, the better we’re going to do.
The problem is, though, that sometimes human intelligence is required to make sense of an attack, and to formulate an appropriate response. And as long as that’s the case, there are going to be instances where an automated attack is going to have the advantage.