January 17, 2025
The threat landscape is ever-changing, and security professionals have increasingly adopted tools to automate, simplify, and strengthen their organization's security posture. But most enterprise security stacks lack a solution that covers the last mile of cybersecurity: human employees (have to qualify that in today’s age of AI employees).
Even after deploying defenses to protect our servers, data, applications, endpoints, etc., we still rely on employees to take the final step: install a necessary patch update, validate unusual logins, get an exception for unapproved activity, maintain good password hygiene, complete compliance training, and the list goes on.
We know users are a critical piece of the security puzzle. No matter how many vulnerabilities we patch, services we fingerprint, data we encrypt, or endpoints we secure, a single user’s inaction or activity can still compromise the company. If companies adopted good security hygiene principles and properly engaged the workforce in enforcement, security breaches could be prevented.
Having spent 20+ years as a security practitioner, I am all too familiar with the security silo. Our cloud security tools collect data on various endpoints, software, and applications in the background. We perform our own audits, analyze findings, identify tooling coverage gaps, and classify risk.
Then, without providing context, we deploy controls, remediations, and security training to the rest of the workforce. We often do not engage with them.
Take this example: security software flags specific employee devices that need to be updated. We force a patch update that requires the computers to restart, frustrating employees when their computers shut off during important work. In addition, follow-on issues arise that could have been prevented if employees had been given the opportunity to provide context.
Today’s CISOs have many tools to secure every possible entry point and vulnerability. And while each functions well independently, it’s challenging to get a complete picture of compound risk and overall security.
There are integrations and data flows, but it’s still far too difficult to see the forest for the trees. Teams often lack a holistic view of security health to help them prioritize and triage incidents. They are left drowning in a sea of disparate alerts, most of which don’t get proper attention due to the time it takes to evaluate the accurate risk signals and engage employees in remediations.
We need an overarching layer that automatically ingests data from across our security stack, presents a comprehensive picture of security health, and prioritizes security risks and vulnerabilities. In short, a modern way to quantify & democratize user security health with real-time data from your existing tools.
But that’s only part of the issue. The final step is translating findings into actionable remediation engagements with employees. Even if security practitioners can piece together a comprehensive picture, they often miss the opportunity to partner with and motivate the rest of the workforce to take action.
Security practitioners know we cannot completely eliminate the last mile just yet (believe me, I’ve tried). So, rather than trying to push employees out, I look for ways to pull them in. Enter human-in-the-loop automated engagements.
Human-in-the-loop automation leverages conversational AI to collaborate with employees to resolve security findings. It's a modern way to run your security program through customized AI-powered user interactions for security hygiene actions. Imagine if you could humanize each employee's engagement through a personal security buddy!
To use the above example, instead of forcing employees’ devices to reboot, we can now automatically engage employees to provide the context of the security issue and allow them to schedule a convenient time for their device to restart.
This means executing highly nuanced tasks requiring employees’ input to run automation correctly in more complex scenarios. Human-centric security captures the necessary context and drives employee participation without burdening my security team.
The result? Individuals improve their behavior, meaning better security for the entire organization.