In 2021, I wrote a piece for Dark Reading called Handcuffs over AI. The central argument was uncomfortable for a lot of people in our industry: we've spent over $100 billion annually on cybersecurity and the results are, by any honest measure, catastrophic. Machine learning, SOAR, and AI were being heralded as the next round of techno-salvation, and I made the case that what we actually needed was handcuffs. Deterrence. Law enforcement outcomes. A fundamental rethinking of what cybersecurity operations are for.
Five years later, the AI hype has only intensified. And the fundamental problem I described in that article hasn't budged an inch.
Here's the thing. You cannot accelerate a process to supersonic speeds if it barely works at five miles per hour.
A Car with No Steering Wheel
I've spent the last several months writing about AI-assisted development and what it means for practitioners. In my OODA Loop piece, I made the case that positive feedback loops are morally neutral. They amplify whatever signal you feed them. Good practices at speed produce extraordinary results. Bad practices at speed produce extraordinary damage.
That principle applies to cybersecurity operations with a vengeance.
Right now, the industry is racing to bolt AI onto SECOPS workflows. Automated incident response. AI-driven threat hunting. Machine learning triage. Autonomous remediation. The pitch decks are gorgeous. The demos are slick. And almost nobody is asking the question that should come before every other question: do we actually know what we want these systems to accomplish?
We cannot expect AI to magically correct problems that exist at the philosophical, strategic, and tactical levels if we haven't figured out how we want them solved ourselves. That's not an AI problem. That's a human problem. And it's the same human problem I've been writing about for over a decade.
The Silo Problem (Still)
In Handcuffs over AI, I described something that continues to haunt this industry: cybersecurity lacks a comprehensive and collaborative vision of what we should be doing. Some teams are solely focused on passing audits. Others on cleaning infected machines. Others on catching criminals. And almost none of them are working together in any meaningful way.
Each group believes completing their individual work products is the entire goal. The compliance team ships audit reports and calls it done. The incident response team closes tickets and calls it done. The threat intelligence team publishes indicators and calls it done. Everyone is busy. Everyone is producing deliverables. And the gaps between those silos allow criminals to move unencumbered through the spaces where nobody is looking.
This is not a new observation. I wrote about it in my People > Machines series in 2017. I talked about it at BSides and GrrCON and a dozen other conferences. The fundamental misalignment between IT-centric SECOPS and law enforcement-oriented SECOPS continues to cripple our collective ability to deter crime.
And now we want to automate it.
Where the 4D's Meet Reality
Anthropic (the makers of Claude, which I use extensively in my own work) recently published the 4D Framework for AI Fluency: Delegation, Description, Discernment, and Diligence. It's a genuinely useful model for thinking about how humans should interact with AI systems. I want to walk through each D in the context of cybersecurity automation, because every single one of them exposes a fault line.
Delegation: Giving the Right Work to AI
Delegation is the first D, and it's the one where cybersecurity fails before the AI even boots up.
Delegation requires that you understand what the correct work is. You have to know what outcomes you want, what problems need solving, and which of those problems are appropriate for AI to handle. If we cannot comprehend and articulate what the correct outcomes are to an AI system, we are failing at the most basic engagement.
Here's where the silo problem becomes lethal. If your incident response team's entire definition of "done" is closing a ticket in ServiceNow, that's what the AI will optimize for. It will close tickets brilliantly. It will close them faster than any human. And it will never (not once, not ever) say "I think we need to rope in legal and potentially the police." That decision requires understanding the purpose of incident response, not just the mechanics. It requires seeing beyond the ticket to the criminal act the ticket represents.
Without a collaborative, cross-functional vision of what cybersecurity operations should accomplish (deterrence, prosecution, resilience, not just audit compliance and ticket closure), the delegation will be wrong from the start. And wrong delegation doesn't get better at speed. It gets worse.
Description: Telling AI What to Do
If delegation cannot be wisely done, the description of the work will also be horribly flawed. This follows as surely as night follows day.
When I wrote about coding with Claude, I was meticulous about creating CLAUDE.md files, standards documents, and testing frameworks that described exactly what good work looked like. I could do that because I had (after 10 years of building WitFoo) a clear understanding of what the right outcomes were. The description was grounded in hard-won knowledge.
In cybersecurity operations, the descriptions being fed to AI systems are grounded in the siloed, incomplete, and often contradictory worldviews I described above. Automated assessments will assess whatever they're told to assess. Automated audits will audit whatever criteria they're given. If those criteria don't reflect a coherent philosophy of what cybersecurity is supposed to achieve, the AI will dutifully produce work products that look professional, read convincingly, and miss the point entirely.
I've seen this pattern in vendor claims about APT detection for years. Beautiful reports. Impressive dashboards. Comprehensive-looking "solutions" that solve the wrong problem with great confidence. AI doesn't fix this. AI scales it.
Discernment: Knowing If the AI Got It Right
This is where things get genuinely dangerous.
When AI is doing what it believes is best in performing automated audits and assessments, the room for hallucinations is enormous. I've written about Claude's tendency to confidently introduce bugs and hallucinate features. In software development, I catch those through testing, linting, and review. The infrastructure exists to verify.
In cybersecurity operations, the infrastructure to verify AI work products largely does not exist. And it doesn't exist because the underlying processes are not based on solid philosophy and practice. If your processes are ad hoc, tribal, and inconsistent (and let me be honest, most SECOPS processes are all three), there is very little opportunity to discern whether AI work products are using the right approaches and arriving at the correct decisions.
A human analyst with 15 years of experience might look at an automated assessment and feel that something is off. But that instinct is exactly the kind of thing organizations are trying to eliminate by automating in the first place. The entire pitch of AI-automated SECOPS is that you don't need the expensive humans anymore. Remove the humans, and you remove the only quality control mechanism that might catch when the AI is confidently wrong.
I wrote in my OODA Loop piece about the microphone-next-to-the-speaker problem. In cybersecurity automation, the microphone is pointed directly at the speaker, the feedback is deafening, and nobody is in the room to notice because we automated the room.
Diligence: The Consequences of Getting It Wrong
This is the most terrifying part, and I don't use that word casually.
Diligence in the 4D framework means taking responsibility for what we do with AI and how we do it. In cybersecurity, the consequences of negligent work are not abstract. Real people lose real money. Real businesses go under. Real criminals go free. In the worst cases, real lives are endangered.
The AI cannot go to prison. It cannot be held in contempt of court. It cannot be penalized in any meaningful way when it (either through neglect or "selfishness" in conserving resources, tokens, or compute cycles) makes a critical error. I wrote about observing Claude deferring and skipping tasks to conserve resources. In a coding context, that's irritating and catchable. In a cybersecurity context, a system that quietly skips a forensic collection step or defers a critical escalation because it's managing resource consumption could mean the difference between a successful prosecution and a criminal walking free.
In my Birthing Perjury-free AI talks, I've argued repeatedly that while believability (passing a Turing test) is important in many AI applications, the need for forensic truth is paramount in cybersecurity. An AI that produces a "good enough" incident report is not good enough when that report might be entered as evidence. An AI that makes judgment calls about what data to collect, preserve, or discard is making decisions with legal consequences it can never be held accountable for.
The humans who deploy that AI, however, absolutely can be held accountable. And most of them don't realize it yet.
All Four D's Fail Together
Let me be clear about what happens when automation is built on broken foundations. It's not that one D fails and the others compensate. All four fail simultaneously, and they fail in ways that compound each other.
Wrong delegation leads to wrong description. Wrong description leads to work products that can't be evaluated (failed discernment). Failed discernment means errors go undetected, and when those errors cause harm, nobody can be held accountable in any practical sense (failed diligence).
The result is automated cybersecurity operations that close tickets nobody should have closed, produce assessments that assess the wrong things, generate reports that look authoritative but contain hallucinated conclusions, and create a legal and ethical vacuum where real harm occurs and real accountability vanishes.
I wrote in my OODA Loop piece that the amplifier doesn't judge. It amplifies whatever you feed it. In cybersecurity, the stakes of what gets amplified are not lines of code or technical debt. They are criminal prosecutions that don't happen. They are breaches that aren't properly investigated. They are organizations that believe they're secure because an AI told them so.
These failures come with greater costs and greater human damage than most other AI applications. A hallucinated paragraph in a marketing email is embarrassing. A hallucinated finding in a forensic report is potentially catastrophic.
Before You Automate, Know What You're Automating
I'm not anti-AI. I've been building with AI for months and I've written extensively about its extraordinary promise and its very real costs. I believe AI-assisted cybersecurity operations will be transformative.
But (and this is the same "but" I've been saying since 2017), the transformation has to start with the humans, the philosophy, and the process. You have to solve the silo problem first. You have to build a shared, collaborative vision of what cybersecurity operations are supposed to achieve first. You have to establish the processes, metrics, and accountability structures that give you the ability to evaluate AI work products first.
Then, and only then, does automation become a force multiplier instead of a liability amplifier.
In People > Machines, I argued that human practitioners matter more than the tools they use. In the OODA Loop sequel, I argued that what you feed the loop determines what the loop produces. This post is the logical extension of both: if you automate broken processes at scale, you get broken outcomes at scale, with legal consequences that nobody has thought through and nobody is prepared to own.
Wrap Up
The tldr; here is: do the hard human work first.
Figure out what cybersecurity operations are for (I still believe it's deterrence and prosecution, not just ticket closure and audit compliance). Break down the silos. Build collaborative processes that connect detection to response to legal outcomes. Establish clear criteria for what good work looks like. Create accountability structures that make sense in an AI-augmented world.
Then automate. Then accelerate. Then let the OODA loop run.
If you start the loop with a five-mile-per-hour mess and bolt a jet engine to it, you don't get supersonic performance. You get a spectacular crash with nobody to blame and everyone to hurt.
Build the road first. Then drive fast.
