I was one of a few lucky students who were able to attend the Community College Cybersecurity Summit (3CS) in Pittsburg, PA last month. During the event there was one speaker that stood out the most to me as a student: Peter Romness of Cisco Systems. During the keynote he discussed the latest concerns of Cybersecurity: the well-known shortages, and the challenges of fixing that large gap in the industry. Also during the keynote were displays of powerful graphics with charts and statistics that kept the audience interested for what he would share next, although what he said initially that I found particular was how he started off his presentation by saying he wasn’t there to sell us anything. Then, again what would the use be trying to sell students and faculty on hardware for large corporations? One thing I don’t think Mr. Romness realized is that he indeed was selling something during that keynote: automation and cloud.
It was toward the end of that keynote presentation that Mr. Romness mentioned Cisco was pushing toward automation of Cybersecurity. He spent little time on it though, and I was left to my own devices to fill in the gaps as to what he meant. At the time I was interested and looked into it more but with all the other information being shared during the conference my research was pushed into the pile of things to look into. Then, just recently I was reminded of the Cisco automation slide of his presentation when I read an article about a large layoff at Cisco impacting more than 5000 people. Over several articles I noticed a theme of reduced hardware and increased software with more cloud based applications. Anytime I see jobs getting cut at a major tech company as a student working toward a focus in Cybersecurity it is worthwhile to delve deeper and make sure down the road when I graduate I won’t have a fancy piece of paper that I never get to use because my position has been automated. So after looking into what Mr. Romness presented I found that essentially Cisco is aiming to reduce the need for Cybersecurity professionals to sift through pages and pages of logs, so they can focus on what is really important: hardening those systems the logs are monitoring.
As much as I enjoy tedious work, I would feel more accomplished if my time were better spent doing exactly what Cisco is aiming for. Initially what was a concerning prospect for automation actually is a relief for other students and industry professionals. Cisco is trying to make security easier to alleviate some of the pressure the industry is facing. Automating this aspect of cybersecurity isn’t a new practice, so what I believe what Cisco is doing is focusing more on doing a better job detecting the events that slip through the cracks to help make our jobs easier. If that’s the case, hats off to you Mr. Romness, I’m sold.
