Human-first AI is essential for cyber-defence

Artificial intelligence (AI) has upped the ante in cyber-security, arming attackers with more sophisticated ways to attack organisations. But it’s also giving defenders unprecedented power to anticipate, detect and respond faster than ever before.

 

Fighting fire with fire may be a smart approach, but simply throwing more technology at the problem doesn’t necessarily guarantee greater resilience. 

 

If we’ve learnt anything in recent years, it’s that while AI and automation have the ability to analyse data at a scale no human team could ever match, abdicating all responsibility is not the solution either. That’s because no algorithm, however advanced, can yet replicate human judgment. 

 

I say ‘yet’ because the technology is moving so fast, who knows what might be around the corner? Until it does, we need to keep people in the loop. Don’t just take my word for it. 

 

Earlier this year, Tanium teamed up with the membership community for business and tech leaders, Chief Disruptor, to get a better understanding of how automation, data and human insight combine to create organisational resilience in an age of complexity. 

 

 

Human insight remains critical

The result is an in-depth report – The Interconnection between People, Process and Technology – packed with the thoughts, views and experiences of almost two dozen senior decision-makers from industries including finance, telecommunications, healthcare, government and logistics.

 

Its findings make one point clear: while AI can accelerate response and efficiency, lasting security still depends on human oversight and ethical design.

 

As Duncan Hayes of financial services company Hargreaves Lansdown points out, the problem isn’t that automation is advancing too fast; it’s that many businesses treat it as a replacement rather than a reinforcement of expertise. 

 

“The best security tools mean nothing without skilled, well-supported professionals to operate them,” he said. And like many in our industry, he believes automation can play a key role in reducing the burden of manual and repetitive tasks, especially if it frees up analysts to stay engaged and curious.

 

“Security professionals enjoy their jobs when they’re solving interesting problems, not sifting through endless alerts,” he said. “Our goal is to use AI and automation to enhance their efficiency, while keeping their roles engaging. AI can help contextualise alerts, filter out false positives and provide actionable intelligence. This allows our analysts to focus on investigations that require human intuition and lateral thinking.”

 

Not only does this approach make practical sense; it makes sound ethical sense too. True responsibility means maintaining a  human-led circle of trust, where skilled professionals guide intelligent systems to ensure security decisions remain transparent, accountable, and resilient by design.

 

 

Redefining what good AI talent looks like

So, if AI-based security systems are only as effective as the humans guiding them, it means the industry needs to recruit talent who not only understand the mechanics of AI but also the broader ethical, operational, and human implications as well. 

 

This is an area that is close to my heart. For me, people – or rather, leadership and culture – are the foundation of cyber-security success. Throughout my career, I’ve focused on building teams that can adapt and thrive, because the right people will always find the right way to use the technology at their disposal.

 

Key to that success is being able to build a diverse team. Engineers should work alongside ethicists, behavioural scientists, and policy specialists to anticipate bias, understand user behaviour, and design systems that reflect real-world complexity. 

 

When I worked at the Ministry of Defence, my goal was to give my people the confidence to fight back, not to be stuck on the back foot, reacting after the fact. I wanted them to have the insight and assurance to anticipate issues and take decisive action before they became problems.

 

 

Human-first AI as a competitive advantage

That’s why I believe strong cyber-security starts with effective patch management. Right now, it’s still a largely manual process full of checks and balances.

 

We need to move toward a model where systems handle updates automatically – within parameters that align with each company’s risk tolerance – and where people step in only to pause or override when warning signs appear. 

 

That’s what I mean when I talk about human-first AI. True resilience comes from combining the best of both worlds: the precision and speed of AI with the intuition, creativity, and ethical reasoning of people. That’s why I’m focused on building systems that strengthen human oversight, not sideline it, ensuring that every automated action can be traced, explained, and, if necessary, overridden.

 

---

 

Dan Jones is Senior Security Advisor at Tanium

 

Main image courtesy of iStockPhoto.com and roberthyrons