Session

Opening Keynote: How to Run Your Security Program with AI Before Someone Else Does

Daniel Miessler
Swiss Cyber Storm 2024 — Conference

In this talk, Daniel covers how to defend your Security Program from AI consultancies. In other words, how to use AI to help run your program—before someone else does. It goes over how to build an AI-based structure for understanding your Security Program and how to use AI to manage said program over time. Attendees will leave with not only a new way of thinking about AI, but a new way of thinking about security programs as well.

Slides Video

AI Summary

Disclaimer: This session information was generated with the help of AI. The information has been reviewed and refined by the Swiss Cyber Storm team and the speaker before publishing.
Daniel Miessler discusses the transformative potential of AI in security programs, emphasizing the need for organizations to adopt AI-driven approaches to remain competitive and efficient. He introduces ‘fabric’, an open-source tool for managing security programs with AI, and highlights the broader implications of AI in automating business processes.

Key facts

  • 40% of McKenzie's business operations have already integrated AI, indicating a rapid adoption of AI in consultancy and business processes.
  • The development and use of 'fabric', an open-source tool by Daniel Miessler, for managing security programs with AI, showcases the practical application and benefits of AI in security.
  • AI's ability to automate the generation of detailed, context-aware responses to common security program queries can significantly reduce manual work and improve decision-making.

Ideas

  • AI's capability to organize and clearly define success metrics for security programs can significantly enhance efficiency and transparency.
  • The use of context files (TS files) as a central element in AI-driven security management allows for a comprehensive representation of a program's goals, risks, and strategies.
  • Fabric, an open-source tool introduced by Miessler, facilitates complex AI commands for security program management, demonstrating the practical application of AI in enhancing security operations.
  • The shift towards AI-driven business processes is inevitable, with AI consultancies poised to transform traditional human-based and opaque business operations into transparent, AI-based systems.
  • The importance of building context files oriented around mission, strategy, and goals to ensure that AI implementations remain aligned with human values and organizational objectives.

Keywords

  • AI in Security
  • Fabric Tool
  • Business Automation
  • Security Program Management
  • Open Source

Quotes

  • “AI is phenomenal at organizing things into a clear structure and then explaining that structure.”
  • “40% of McKenzie's business is already AI.”
  • “This isn't starting to happen; it's already happening.”
  • “You end up with two things: your context file, which represents your program, and the patterns that run against it.”

Recommendations

  • Start viewing every business process as a graph of algorithms and begin building context files for anything you manage or wish to improve.
  • Quickly get up to speed on using AI tools in conjunction with your context files to enhance decision-making and operational efficiency.
  • Ensure your context files are oriented around the mission, strategy, and goals of your organization to maintain alignment with human values and objectives.

Resources

  • Fabric — Tool — Fabric demonstrates the practical application of AI in security operations, making it a valuable resource for security professionals looking to integrate AI into their workflows.
  • Alma File — GitHub Repository — Provides a practical example of how to structure a context file for use with AI tools in managing security programs.

About the speaker

Daniel Miessler

Daniel Miessler

Founder and CEO of Unsupervised Learning
Daniel Miessler is the founder of Unsupervised Learning, a company focused on building products that help companies, organizations, and people identify, articulate, and execute on their purpose in the world. Daniel has over 20 years of experience in Cybersecurity, and has spent the last several years focused on applying AI to business and human problems. Daniel has held senior positions at Apple, Robinhood, IOActive, HPE, as well as consulted for or been embedded in hundreds of others in the Fortune 500 and Global 1000.
Read more …
Copyright © 2025
 
Swiss Cyber Storm
Hosting graciously provided for free by Nine