CATEGORIES · ARTICLE
Insights
6 insights
How It Could Actually Work: My Position at the End (Part 5 of 5)
Four parts of methodological skepticism, one constructive. Here is my position. Not an institutional CICS statement. Not a coordinated consulting output. …
AI vs AI: What Attackers Actually Do, and What They Don't (Part 4 of 5)
So far this series has been about the defensive side. What augmentation delivers, where it stops, what it means organizationally. Sitting next to that is a …
What It Means for SOC Teams: Hiring, Training, Architecture (Part 3 of 5)
If the productivity effect of augmentation is real (Part 1) and the structural limits against it are honestly acknowledged (Part 2), something concrete changes …
Where Augmentation Stops (Part 2 of 5)
In Part 1 I showed what AI in the SOC verifiably delivers: about 22 percent speed gain on tightly defined tasks. What marketing decks tend to leave out are the …
What the Data on AI in the SOC Actually Holds Up, and What Doesn't (Part 1 of 5)
“But ChatGPT says it’s fine.” “Our vendor promises 70 percent fewer headcount.” “Autonomous SOCs are right around the …
Numbers Nobody Questions — A Practitioner's View
Three numbers shape the DACH cybersecurity discourse: EUR 202.4 billion in Bitkom-reported cyber damages, 280,000 BSI malware variants per day, 29,151 reports …