Cybersecurity assessments: automated vs human
There are so many tools and offers around cybersecurity that it can be difficult to figure out which one is best for your situation. See our Cybersecurity page for details about Kosh's security service. At Kosh, we see customers with different needs that typically fall into two categories:
The need for constant cybersecurity evaluations coming from machines
The need for a one-time or annual cybersecurity assessment with an expert
Both automated and human cybersecurity assessments are valuable in different situations. Automated assessments work best for companies that need constant monitoring and real-time reports. Human-based assessments are better for getting high-level business questions answered for risk analysis, cyber insurance, and budgeting.
In this article, I'll take a look at both types of assessments and break down the pros and cons of each. In general, automated cybersecurity evaluations are useful for periodic testing and most useful to IT professionals. Alternatively, human evaluations with a cybersecurity professional work best for understanding the big-picture technology environment of the company. This is great for CEOs and decision-makers because they get a report in a language they can understand and take action on.
Automated Cybersecurity Assessments
An automated assessment is one where software is loaded on your network and "bots" go out and run some diagnostics. Some of the things these programs are looking at include:
Detect System Protocol Leakage
Detect Unrestricted Protocols
Detect User Controls
Detect Wireless Access
External Security Vulnerabilities
Network Share Permissions
Domain Security Policy
Local Security Policy
If those bullet points don't mean much to you, then you're not alone! That's one of the issues with automated reports - they are great for IT pros but not for laymen.
Three Pros of Automated Assessments
Systematic and consistent
I think the biggest advantage of automated reports is the systematic, repeatable nature of the evaluation. It verifies or investigates and returns a yes or no. It can lack nuance, but it is consistent.
Quick evaluation of large numbers of endpoints
These reports are nice because they can take in a lot of endpoints (computers, printers, laptops, mobile devices) and return valuable data.
Frequency - speed
This type of report can be run as often as desired. Typically, it takes just the click of a button, and the report is prepared within minutes or hours.
Three Cons of Automated Assessments
Difficult to understand
For most non-tech people, these reports are difficult to understand and are even more difficult to distill down to actions for the business.
Lacks business intelligence
These reports do not take into account the specific situations of each business.
Doesn't typically address the biggest security risk - humans
Automated reports usually don't address the biggest entry point into your network: humans. According to Cybint, a global cyber education company, 95% of cybersecurity breaches are due to human error.
Cyber-criminals and hackers will infiltrate your company through your weakest link, which is rarely in the IT department.
Human Cybersecurity Assessments
This type of assessment is conducted by a cybersecurity professional. Typically, the IT pro talks with the company's decision-makers and works to understand their current technology environment in relation to their business vertical.
Three Pros of Human Assessments
Custom and nuanced evaluation
Most automated reports don't