It is easy to dismiss virtual reality and augmented reality in a security operations center (SOC) because they are mostly over-hyped technologies whose consumer applications are riddled with cyber vulnerabilities. Ultimately, many organization have drawn the conclusion that VR and AR are as applicable to real world CISOs as warp drives and time travel.
However, there are some promising uses of VR and AR for SOCs that may go beyond security theatre. IBM Ireland, ProtectWise, and the NSA are among the few groups trying to develop VR or AR solutions for security operations centers.
Taking a SOC to the cloud
IBM Ireland has developed a prototype VR solution that aims to assist security staff so they can take their SOC anywhere. This could help security teams work more in the cloud, without needing to be attached to a fixed location and physical infrastructure. ProtectWise, a cyber company developing its own VR product for SOCs, also claims in CSO Onlinethat there is more computing power and storage in the cloud in a VR setting than in traditional on premises solutions.
Helping visualize, prioritize threats
IBM Ireland, ProtectWise, and the NSA all highlight the advantages of displaying data in a more visual manner through VR or AR rather than in a traditional 2-D environment. Several IBM developers note in SecurityIntelligence that the visible nature of VR helps more workers perform the roles of a frontline SOC level-one security analyst. The optical cues in such a setting could significantly ease the load on a SOC, not demanding that only veteran security professionals perform various high level tasks. They saw value in explaining complex issues through visual metaphors. Additionally, they mention the benefit of security professionals being able to mediate threats by talking to people in VR, rather than switching in and out of being online to discuss matters in person. This could reduce the cognitive load of context switching.
Meanwhile, the NSA has been developing an augmented reality system to help security professionals see the most pressing concerns. Lead by Dr. Josiah Dykstra, a team technical director at the National Security Agency’s Laboratory for Telecommunication Sciences, it helps SOCs separate the “signal from the noise.” They envision workers wearing an augmented reality device like Google Glass, where prioritized threats would be shown above other information.
ProtectWise’s VR solution works in a similarly visual way as what the NSA describes. They try to help SOC teams not get overwhelmed, tired, or bored by typical data feeds by creating an “exciting, game-like experience” through their VR interface. This could be crucial in getting security professionals to be more engaged and able to spot the gravest threats.
Forbes writes that by 2019, the worldwide shortage of cyber security workers is expected to reach 2 million. Considering the high level of competition for security professionals, enabling more workers to fill roles remotely by allowing them to operate in a VR environment may help cyber companies recruit more staff.
ProtectWise went as far as to commission a study about this. They claim that security companies using VR or AR “game-like” interfaces could attract significantly more Gen Z and millennial workers who grew up with video games. According to its survey of more than 500 U.S. residents between the ages of 16 and 24, 74% of the ProtectWise respondents said, “They are likely to pursue an IT security career if cybersecurity tools incorporate virtual reality and augmented reality technologies.”
Worthy necessities that are not really one step beyond
Are any of these solutions truly visionary for cyber security? Probably not. But they are trying to address big problems for SOCs, such as prioritizing threats, making data more visual and comprehendable, envisioning new methods for team collaboration, and recruiting talent. And those are worthy goals.