Cybersecurity at FireEye: Human + AI
Analysts have often compared keeping up with Cybersecurity threats to running on a treadmill that keeps speeding up; the runner cannot move forward and often begins to slide backwards and fall behind. Set in July 2020, this case explores how one of the world’s most renowned such cybersecurity “runne...
Saved in:
Main Authors: | , |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2021
|
Subjects: | |
Online Access: | https://ink.library.smu.edu.sg/cases_coll_all/339 https://smu.sharepoint.com/sites/admin/CMP/cases/SMU-20-BATCH%20%5BPDF-Pic%5D/SMU-20-0042%20%5BFireEye%5D/SMU-20-0042%20%5BFireEye%5D.pdf?CT=1610438185533&OR=ItemsView |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Singapore Management University |
Language: | English |
Summary: | Analysts have often compared keeping up with Cybersecurity threats to running on a treadmill that keeps speeding up; the runner cannot move forward and often begins to slide backwards and fall behind. Set in July 2020, this case explores how one of the world’s most renowned such cybersecurity “runners”, FireEye, implemented AI-based solutions within the organisation to provide improved cybersecurity services to its clients. The case delves into the various strategies implemented by the firm for AI adoption using a specific example tool.
FireEye used its conceptual AI framework called the ‘Automatibility Spectrum’ to determine the appropriate degree of automation for developing different solutions. Additionally, the firm implemented agile practices to build inter-team collaborations, cross-team workflow processes and changes in its organisational structure and culture to promote a mind-set shift towards automation. Tasks that involved decision making would typically incorporate human verification with repetitive tasks being performed by automated algorithms. This Human+AI approach had enabled FireEye to expand and scale its support services.
However, cyber attackers were constantly ‘upping their game’, and rapid technology innovations were creating new threat exposures. The nature of cybersecurity threats and the supporting technical methods were changing rapidly and continuously, and some of the rules and approaches for threat protection and investigation applicable earlier were becoming irrelevant as cyber threats evolved and became more sophisticated over time. Was FireEye’s existing approach of Human+AI capable enough to tackle the ever-changing challenges in cybersecurity?
The case will help students learn about (1) the organisational framework for successful AI implementation in cybersecurity (2) the inherent limitations of machine learning based AI models, and business scenarios in which AI excels (3) the benefits of a Human+AI approach to solution building. |
---|