Applying AI to Resilience and Cybersecurity
Key Highlights
- The article explores combining human strengths with AI capabilities to create a more effective, expert-guided system—especially in cybersecurity and networking.
- AI is positioned as a powerful assistant, not a replacement for human expertise.
- Includes 10 critical organizational layers that dictate the business strength and security of the organization.
Putting human expertise at the center of AI security.
I suspect we are all using AI daily by now. In last summer’s issue of ISE magazine, I covered the strengths and limitations of AI and humans.
This article takes these ideas to a new level, harmonizing the human and AI strengths into a new way of thinking.
Intention
I used AI to create my expert-guided AI system software. It brings my subject matter expertise of cybersecurity and networking to strengthen and protect organizations, creating business advantage at minimal cost.
Impact
My focus continues to be on SMBs, who are driven by operating their businesses, not by these topics. There are one hundred million small and medium businesses that need help. The service provider readers of this publication serving those SMBs have an important part to play too. Let’s begin by distinguishing our human strengths.
Note: Click on the following chart for a larger view.
Application
Next is a list of their application, structured as critical organizational layers that dictate the business strength and security of the organization.
Having 10 categories always goes down well. However, the reality is that they hide almost 80 areas that need investigating, taking recommended actions taken with weighted importance to strengthen vulnerabilities and reduce risk. This prevents the user from missing something important, since every one of these categories is critical (“you are only as strong as your weakest link”). Here are a few highlights from the list:
1. Executive Commitment and Accountability: Having resilience and security as executive accountability is the only way to consistently manage and be responsible across the whole organization. Don’t do this, and you can forget the rest of the list. The use of language is so critical here to inspire and motivate the benefits.
2. Policy and Plans: Having a policy that includes a financial framework is the only way to create the context for a regular and measurable (say quarterly) plan. This creates a clear competitive advantage, not forgetting that good documentation can be the best defense against liability.
3. Asset Stewardship is about limiting exposure, protecting assets, and testing the resilience plan. Managing who, what, where, and how systems can be accessed is governed by policy.
4. Human & System Access & Interactions is about insider threat vetting, best practices for phishing prevention and policy for systems access.
5. Supply Chain Management requires knowledge of and verification of all manner of suppliers and third parties, with collaboration to avoid abdicating responsibility.
6. Holistic Organizational Integrity is oversight of every department and their third-party contractors and suppliers to understand risks.
7. Basic Software Protection. It still amazes me that most companies still use passwords and have no multifactor authentication. This is the first place that requires some low-cost outside spend.
8. Zero Trust is the only recognized framework for real defense: identity management, authentication, policy and security management and enforcement being key.
9. Despite everything, breaches will happen. The key is detecting and removing breaches instigated with AI or Ransomware as a Service before they cause damage or worse. Service Providers are best placed to address this threat.
10. Everything must be monitored for ongoing improvement, constant evolution in threats and measurement of planned actions.
Summary: Visit cybyr.com/integration
Space limited the depth of this introduction. So, to explore how and where the software implements the human characteristics in each of the above layers, follow the link above. There, the work continues, giving access to my Cybyr-AI Expert-Guided Cybersecurity Software and our consulting services.
The human aspects engage in a transformative discussion, measurement of progress, and execution of recommended actions; this is combined with instant delivery of today’s latest news, information in articles, selected sites and videos, the curated prompts generation to several AI agents, and much more.
This is augmented by having the implementation as a virtual chief security officer, carefully executed, step-by-step. I hope you enjoyed this. Happy to answer any questions.
Stay Connected with ISE Magazine
Subscribe to our newsletters and magazine for the latest telecom insights, explore the current issue for in-depth features and strategies, and register for upcoming webinars to learn directly from industry leaders.
The article is intended as an introduction and is intentionally incomplete.
This and all future articles continue their journey on my website, in extensions to my software, and in new dynamic versions of my books. This, therefore, now becomes a model for introducing new dynamic ideas that can contribute practical value, not information overload. Above all, they are not out of date the instant they are finished, let alone printed as articles, white papers, or books.
About the Author
Mark Fishburn
Provider of Strategic Network, Cybersecurity, Software, and Marketing Services
Mark is President of cybyr.com and has five decades of experience in software, networking, and security. He is a member of ONUG, Mplify, and CSA network and security working Groups, CISA contributor and publisher of the Holistic Cybersecurity book: Hey Who Left The Back Door Open? For more information, or to give feedback, email [email protected] or follow him on LinkedIn.