Utilizing chatbots to increase the efficacy of information security practitioners

Abstract

Almost every day, the world hears about a new information security breach. In many cases, this is due to the vast quantity of data generated across millions of connected devices with little insight, and the amount of work that information security practitioners must do to make sense of it all. The lack of skilled information security resources doesn’t help. Different approaches are being attempted to fix these issues. However, many approaches are neither cost-effective nor scalable. One potential approach, which is both cost-effective and scalable, is the utilization of chatbots. In this paper, the authors focus on ways in which chatbots can assist information security practitioners, such as security analysts and pentesters, beyond the current human-before-support philosophy. Scenarios include investigations of potentially malicious behavior and team pentest projects, each of which explores how a chatbot might allow the relevant type of information security practitioner to be far more effective and efficient.