Policy, SOPs, and AI Are All You Need

The future of InfoSec and business management is evolving into a combination of four key elements: policy, state, standard operating procedures (SOPs), and action. Leaders determine policy, AI gathers state, and everything is done according to SOPs, which are regularly updated. Security becomes an integral part of the building process, rather than a separate process. The only human aspect of this process is determining policy and setting strategies. Everything else becomes execution and implementation of those ideas, which will increasingly be handled by AI. Humans should focus on coming up with ideas and starting businesses, using automation to implement them. This approach can revolutionize software security, where automation builds and tests software according to approved SOPs. Much of security comes down to things being built or implemented incorrectly, but automation can make a significant dent in both building and fixing issues. As a security professional, it's essential to consider where you want to be in this ecosystem, whether it's in automation, SOP definition, or creating original business ideas. The future of security lies in automation, and humans should focus on the creative and strategic aspects of the process.