Sent by DM, an old time reader. Linda Musthaler made some good points when she talked to Mike Walls.

He also stresses the human aspect of the process. "Human interaction is absolutely critical in my opinion," says Walls. "Automation is important – you can't do this stuff without automation, there is no question about that – but my personal experience with a cyber warfighting context is that if you don't have analysts with the right skillsets really looking at those 2% of events that are anomalous behavior, you are going to miss something. And when I say a warfighting context, I'm talking about fighting very worthy adversaries, not just a bunch of criminal hackers."

...

Companies need to have a security mindset, says Worden. "I'm not talking about technical stuff or software or configurations. I'm talking about protocols and behaviors within your business and among your employees. There are a lot of things in today's environment that people need to be mindful of. I am impassioned about education and training and awareness. In the military we call that OpSec or operational security. It is about creating a vigilant and aware employee on what the threats are and what is going on, bringing to light what the actual threats are, who is looking to gain data and what tactics they are using. If we can do this and create a more knowledgeable and aware workforce, then we have just mitigated the vulnerability and potential for an incident in a huge way because 80% of the breaches happen when the bad actor exploits the person at the keyboard."