Josh Ray
Blackwire
9
min read
Oct 1, 2024
I have a lot of meetings and I really try to stay pretty even keel but when I hear smart people say things like, "does trust in AI really matter" or "do people even care that much about trust anymore" it really lights a fire in me. Have we really lost that much hope as a society or security community where people actually believe that? Folks that know be back from my iDefense days know that when people would try to classify cyber criminal actors with the "APT" moniker I would go on a 30 minute tirade about how the terms APT was used purposefully to describe a specific set of espionage actors (I lost this battle to the cybersecurity marketing machine btw). So for context purposes, this trust thing for me, WAY WORSE than my APT rants.
Trust is the bedrock of our personal and business relationships, and indeed, how society functions. I acknowledge that there has been a significant erosion of trust across many institutions previously considered trustworthy. However, I firmly believe that people are inherently good and that we want to do right by one another, especially in our personal and business dealings.
Trust matters. It's not freely given but earned through demonstrating behaviors and actions that verify one's worthiness of trust (do what you say your going to do - keep your word). There's a strong correlation between trust and expertise. When we encounter individuals or organizations with deep knowledge and experience in their field, we're more inclined to trust their judgment and decisions. This expertise-driven trust is particularly crucial in fields like cybersecurity, where the stakes are high and the consequences of misplaced trust can be severe.
In the realm of cybersecurity, trust is not just important – it's absolutely critical. I vividly remember an experience early in my career when we were adopting our first SIEM at a previous company. Our lead security engineer, who had developed his own custom scripts for log analysis, meticulously verified each SIEM alert against the output from his scripts. It was only after this expert verification that he would sign off on the viability of the new technology. His approach, while time-consuming, underscored the importance of trust in our field.
If there's any industry where trust is a core component, it's cybersecurity (and perhaps healthcare). Would you trust cryptography that's not mathematically sound? A consultant who isn't an expert? A regulatory or cyber intelligence report with no verified sources? A SOC ticket that isn't grounded in telemetry? The answer to all of these is a resounding no. We need to trust our people and our technology.
This brings us to the critical issue of trust in AI, particularly as it relates to cybersecurity. At Blackwire Labs, we've recognized the paramount importance of trust in AI-driven cybersecurity solutions. Our approach is built on the foundation of verifiable, expert-validated content. We've developed Trustwire, a proprietary trust layer that ensures AI integrity, data security, and accountability.
Furthermore, we've established the Cybersecurity Community of Excellence (CCOE), a network of industry experts who continuously validate and update our knowledge base. This human-in-the-loop approach ensures that our AI-driven analyses are not only innovative but also reliable and trustworthy.
We apply a rigorous source evaluation methodology to ensure our training data is vetted and industry-relevant. This sets us apart from generalist AI platforms and addresses the critical need for trust in AI-powered cybersecurity solutions.
In an era where AI "hallucinations" and unexplainable outputs are common concerns, we've built our entire system around the principle of transparency and accountability. We believe that trust in AI, particularly in the cybersecurity domain, is not just a nice-to-have – it's an absolute necessity and how else do you unlock the true potential of AI.
As we navigate the complex landscape of AI in cybersecurity, let's not lose sight of the fundamental importance of trust. It's not an outdated concept or a luxury we can afford to discard. Rather, it's the foundation upon which we must build our defenses against the ever-evolving cyber threats of our time.
At Blackwire Labs, we're committed to not just talking about trust, but embodying it in every aspect of our work. We invite you to join us in this mission to create a more secure digital world – one where trust in our AI-driven cybersecurity solutions is not scarce, but abundant and well-earned.