Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementTechnologies & SolutionsSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

Decision Automation in Security Operations Brings Transparency and Trust to AI

By Chris Triolo
SEC0519-Cyber-Feat-slide1_900px
May 8, 2020

Like many other industry buzzwords, there’s a lot of hype around security automation. Yet, for the first line of defense in an enterprise environment, the analysts working in the security operations center (SOC), the notion of automation is more headline than reality. Many basic tasks – logging, fault isolation, reporting, and incident troubleshooting – are still very much manual.

Often monitoring up to tens of thousands of alerts an hour, it is a tough problem that presents a constant battle of humans versus events and that’s why the right automation is so important. Unfortunately, the automation tools available today only scratch the surface of addressing the biggest challenges that security teams face.

 

Decision Automation Lays Groundwork for AI at Scale

Decision automation is a different class of security automation. It emulates human reasoning and decision-making skills, within the context of the environment, to reduce the high volume of noise, which usually produces many false positives. With decision automation, data can be analyzed at machine speed and enterprise-scale, reducing the probability of threats going undetected or not being remedied. This allows SOC teams to keep their focus on threat hunting and other valuable tasks.

Automating level one security monitoring is inevitable. The moment the industry can coalesce and agree that this is inevitable, the sooner we can solve the automation challenge and get it done, right? Security, orchestration, automation and response (SOAR) is a category of products that are part of the new SOC, but they are not the complete answer.

As the industry moves to automate, different methods, like artificial intelligence (AI) start to make a tangible impact in the new SOC.

 

Machines are Your Colleague, Not Your Competition

One of the biggest underlying issues when it comes to distrust of AI is the fear that AI solutions will take jobs away. But in cybersecurity, that’s not what’s happening. Security analysts are trying to find threats to the network, and now they have an ally in that goal – a machine that they teach and that in turn teaches them. An AI cybersecurity tool is like a coworker, not a replacement. It is both doing the redundant tasks that waste people’s time and the in-depth, big data analysis that people cannot do. This enables SOC teams to redirect their skills and be more effective in accomplishing their goal.

When it comes to achieving transparency and trust for AI, decision automation for cybersecurity is a way to accomplish this. Decision automation software automates the monitoring and triage process, rather than just providing information to people who then make the choices. The software’s decisions are based on preprogrammed business rules, making the basis for its decisions transparent.

 

Trust is Achieved Through Results

In the case of cybersecurity, organizations need to trust the results their security tools deliver. Decision automation helps ensure this. Everyone is clear from the start what the AI solution is basing its decisions on because the provider and the organization have agreed in advance on which decisions will be automated and why. This goes a long way to clearing up many of the unknowns. It’s similar to the process of hiring a new employee in some ways – in that, you can do as much due diligence as possible during the interview process but you still don't really know if you can trust that person until you've had a chance to work with them and see the results that they produce. It’s the same for AI: you have to work with it just like you would a fellow human and see the results that it produces.

Once an AI-based solution is working and can match or outperform a human, it then has better potential to be widely adopted. For instance, consider self-driving cars. Many people remain reluctant to use this mode of transportation until it’s proven that autonomous vehicles are at least as safe as those driven by people. Once that happens, greater adoption should rapidly follow. The capability has to match or exceed what a human can do. That level of performance engenders trust.

Transparency also engenders trust, but AI is not inherently transparent. It is susceptible to “black box syndrome,” where an AI-based tool offers results without any explanation of how it arrived at those results. When the decision-making criteria aren’t clear, the results could be perceived as wrong, incomplete or improperly aligned with the organization’s goals. And if the tool keeps generating false-positive anomalies all day, trust isn’t being built.

What’s more, it is quite useful and practical to understand how various attacks work and why some attacks get escalated, but others don’t. This improves an organization’s ability to remediate the attack. An AI-based cybersecurity solution can provide investigative evidence that the organization would not otherwise have access to. That’s in sharp contrast to AI tools based on unsupervised machine learning that are just generating anomaly-based detections. These tend to result in a lot of false positives, which wastes time and doesn’t inspire confidence and trust.

 

Confidence Restored

It’s been said that business moves at the speed of trust. This holds true for IT security, as organizations that can’t trust the data their AI tools are giving them will end up with a much slower response time to real and possible threats. Transparency builds trust, but AI tools historically have not done a great job of being transparent with the “why” aspect of their results. Decision automation fixes this issue because the organization determines in advance which decisions to automate. This promotes an atmosphere of trust in which IT security teams can rely on the information they receive, act on it more quickly and with greater insights, and know that the AI tool is a coworker rather than a replacement.

KEYWORDS: artificial intelligence (AI) cyber security Security Operations Center (SOC)

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Chris triolo

Chris Triolo is vice president of customer success at Respond Software. Chris’ security expertise includes building world-class Professional Services organizations as VP of Professional Services at ForeScout and global VP of Professional Services and Support for HP Software Enterprise Security Products (ESP). Chris’ depth in Security Operations and leadership includes a long tenure at Northrop Grumman TASC supporting various Department of Defense and government customers including Air Force Space Command (AFS PC) Space Warfare Center, United States Space Command (USSPACECOM) Computer Network Attack and Defense, Air Force Information Warfare Center (AFIWC), and others.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    New Security Technology
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

Half closed laptop

Sudo Vulnerability Discovered, May Exposes Linux Systems

Person holding cellphone

Millions of Android, iPhone Users Could Be Sending Data to China

Events

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Creating the GSOC: 4 Leading Examples of Successful Security Operations Centers

    Is Remote SecOps a Good Long-Term Plan?

    See More
  • Jordan Lippel Podcast Header

    Roles of AI, automation and humans in security

    See More
  • blockchain internet network

    Trust, transparency and reliability are keys to Web3 success

    See More

Related Products

See More Products
  • operations center.jpg

    Security Operations Center Guidebook

  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

  • Hospitality-Security.gif

    Hospitality Security: Managing Security in Today's Hotel, Lodging, Entertainment, and Tourism Environment

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!