Sign up to save your podcasts
Or
Share AI in Cyber Security
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
AI in Cyber Security
AI in Cybersecurity: Shifting the Bottleneck from Enrichment to Judgment Hosted by Nathan Rigoni | Special Guest Brad Proctor
In this episode, we sit down with Brad Proctor, Director of Operations at MAD Security, to explore the frontline reality of how artificial intelligence is transforming cybersecurity operations. We move beyond the marketing hype of "AI Sockets" to discuss the mechanical reality of defense: how human-in-the-loop systems actually function when faced with 24/7 global threats. By examining the evolution from static rules to agentic reasoning, we uncover why AI doesn't just "solve" alert fatigue—it shifts the human burden toward higher-level decision-making.
What you will learn
- The 24/7 Battleground: Why cybersecurity operations never sleep and how global adversaries exploit the limits of human fatigue.
- Moving the Bottleneck: How AI agents transition the analyst's role from "Tier 1 Enrichment" (gathering data) to "Tier 1 Judgment" (deciding what matters).
- Static Rules vs. Reason: The difference between traditional SOAR (Orchestration) playbooks and AI's ability to reason through anomalous patterns.
- Enrichment in Layers: A "sweater and jacket" analogy for combining the non-complacency of AI with the superior problem-solving skills of humans.
- The Future of Threat Hunting: How AI can perform "lookbacks" and harvest previous data to identify vulnerabilities that weren't known at the time of ingestion.
- From Alert Fatigue to Decision Fatigue: Why the next generation of security professionals must focus on understanding AI mechanics to avoid new forms of cognitive burnout.
Resources mentioned
- MAD Security: A Managed Security Service Provider (MSSP) specializing in offensive and defensive cybersecurity (discussion starts at 0:38).
- AI vs. Human Factors: Insights into the limits of human data processing and the necessity of automated normalization (see discussion at 8:09–8:34).
- The SOAR Legacy: Reflecting on the "Security Orchestration, Automation, and Response" industry from 10 years ago (see 11:36–12:05).
- Physics of Language Models: A Meta research series exploring how models retrieve information and learn structural math (see 16:08–17:35).
Why this episode matters
For security leaders and IT managers, the promise of AI often feels like a silver bullet for "alert fatigue". However, this conversation reveals that the true value of AI lies in its speed of detection and enrichment rather than total autonomy. By understanding how the "physics" of these tools interact with human processes, organizations can better design their security operations centers (SOCs) to handle increasingly sophisticated phishing and hijacking attacks.
Subscribe for more deep dives into philosophy, AI, and cognition. Visit www.phronesis-analytics.com or email [email protected] and join the conversation.
Keywords: Cybersecurity, Artificial Intelligence, SOC Operations, Alert Fatigue, Threat Hunting, MSSP, SOAR, Human-in-the-Loop, Machine Learning, Defensive Security.
View all episodes
By Nathan RigoniAI in Cybersecurity: Shifting the Bottleneck from Enrichment to Judgment Hosted by Nathan Rigoni | Special Guest Brad Proctor
In this episode, we sit down with Brad Proctor, Director of Operations at MAD Security, to explore the frontline reality of how artificial intelligence is transforming cybersecurity operations. We move beyond the marketing hype of "AI Sockets" to discuss the mechanical reality of defense: how human-in-the-loop systems actually function when faced with 24/7 global threats. By examining the evolution from static rules to agentic reasoning, we uncover why AI doesn't just "solve" alert fatigue—it shifts the human burden toward higher-level decision-making.
What you will learn
- The 24/7 Battleground: Why cybersecurity operations never sleep and how global adversaries exploit the limits of human fatigue.
- Moving the Bottleneck: How AI agents transition the analyst's role from "Tier 1 Enrichment" (gathering data) to "Tier 1 Judgment" (deciding what matters).
- Static Rules vs. Reason: The difference between traditional SOAR (Orchestration) playbooks and AI's ability to reason through anomalous patterns.
- Enrichment in Layers: A "sweater and jacket" analogy for combining the non-complacency of AI with the superior problem-solving skills of humans.
- The Future of Threat Hunting: How AI can perform "lookbacks" and harvest previous data to identify vulnerabilities that weren't known at the time of ingestion.
- From Alert Fatigue to Decision Fatigue: Why the next generation of security professionals must focus on understanding AI mechanics to avoid new forms of cognitive burnout.
Resources mentioned
- MAD Security: A Managed Security Service Provider (MSSP) specializing in offensive and defensive cybersecurity (discussion starts at 0:38).
- AI vs. Human Factors: Insights into the limits of human data processing and the necessity of automated normalization (see discussion at 8:09–8:34).
- The SOAR Legacy: Reflecting on the "Security Orchestration, Automation, and Response" industry from 10 years ago (see 11:36–12:05).
- Physics of Language Models: A Meta research series exploring how models retrieve information and learn structural math (see 16:08–17:35).
Why this episode matters
For security leaders and IT managers, the promise of AI often feels like a silver bullet for "alert fatigue". However, this conversation reveals that the true value of AI lies in its speed of detection and enrichment rather than total autonomy. By understanding how the "physics" of these tools interact with human processes, organizations can better design their security operations centers (SOCs) to handle increasingly sophisticated phishing and hijacking attacks.
Subscribe for more deep dives into philosophy, AI, and cognition. Visit www.phronesis-analytics.com or email [email protected] and join the conversation.
Keywords: Cybersecurity, Artificial Intelligence, SOC Operations, Alert Fatigue, Threat Hunting, MSSP, SOAR, Human-in-the-Loop, Machine Learning, Defensive Security.