Perfection is a myth resilience is a strategy – the future of cybersecurity – Intelligent CISO
Perfection is a myth resilience is a strategy – the future of cybersecurity – Intelligent CISO
Publish Date: 2026-02-17 04:18:00
Source Domain: www.intelligentciso.com
Using an unordered list, summarize the following article with between 4 and 8 key points.
Jason Baden, Regional VP, F5, argues that organisations must abandon the myth of perfection in cybersecurity and instead build resilience by combining AI, automation and human judgement.
For too long, we have been sold the idea that perfection in cybersecurity is an achievable concept – that with the right combination of tools or the latest defence software we can ultimately eliminate any potential of cyber-threats.
But as we all know, perfection doesn’t reflect reality in virtually any aspect of life. Cybersecurity, like other fields rooted in human systems, is inherently imperfect – it’s an unfortunate truth we must come to terms with.
Similarly, humans aren’t perfect. Often our flaws are what shape us – the things that distinguish us from each other. These imperfections are also often what makes us adaptable, creative and even resilient to all the other imperfect realities we face.
The same should be applied to our approach to security – forget perfection, aim for resilience.
Shifting our view
Resilience is about management. It’s about designing systems that are prepared to absorb, adapt to and recover from attacks – acknowledging that breaches will always happen.
Adapting our mindset is the first step to stop chasing perfect and instead embedding resilience in our systems.
This is more critical now as AI and automation become a pillar of cybersecurity environments and cybercriminals’ approach. Machine Learning is enabling networks to be monitored in real time, detect abnormalities faster than any human could and reduce the frequency and impact of cyberattacks. However, despite how powerful it is, it cannot anticipate every scenario.
Why humans are the key to the puzzle
AI can do the groundwork – it can build the structure of the house – but to make it liveable it needs human capability and more importantly, human judgement. It doesn’t have the unique ability to adequately interpret nuance, context and intent – things only humans can offer.
AI systems may be able to detect, expose and even solve a threat but they don’t have the ability to put those incidents in business context. For instance, AI can flag a spike in API traffic, which could be indicative of a credential-stuffing attack – however it doesn’t have the capability to distinguish whether the attack is targeting a high-value customer login portal during a major promotional campaign. Only humans can judge whether the flagged threat requires escalation based on what else is happening in the company at the time.
That’s why human judgement is the key to an integrated system. True resilience relies on humans being able to interpret signals, assess context and make informed decisions, alongside the help of AI and automation: tools in our armoury.
Relying solely on AI and automation creates blind spots – where systems fail to properly assess an emerging threat – and blind spots leave the perfect opportunity for cyber-attacks.
The real-world impact
In FY2024–25, the ASD’s Australian Cyber Security Centre received more than 84,700 cybercrime reports – an average of one report every six minutes. Critical infrastructure accounted for 13% of all cybersecurity incidents, underscoring how essential services such as energy, transport and communications continue to be targeted.
These aren’t minor threats – they’re right on our doorstep and they’re escalating quicker than ever. The fallout of such compromises could mean a disruption of critical services, economic consequences or healthcare systems taken down.
In such high-stakes environments, the ability to bounce back is far more important than the false prophecy of never being vulnerable to attack in the first place.
The balancing act
Resilience is also about learning and using each breach as a lesson – each failure provides room for growth. By layering defence with appropriate systems and human oversight, you are more likely to succeed.
Unfortunately, many businesses haven’t developed a resilient business model – with 45% of IT professionals spending at least a quarter of their work week trying to resolve critical issues and service disruptions. That’s a whole lot of time lost that could’ve been spent on improving systems.
Likewise, nearly half of IT professionals cited ineffective processes as the biggest barrier to operational resilience – and 23% directing their lack of resilience at technology gaps.
This data underscores the urgency and need of businesses building a balanced and resilient business model – one that combines the speed and precision of AI systems and the intuition of humans.
What are the next steps?
Businesses must invest in both systems and people – they need to foster cross functional collaboration.
By adopting a resilience mindset, rather than chasing the impossible, businesses can build an adaptive and responsive model that can weather the inevitable breaches.
The future of cybersecurity lies in building systems and cultures that can bend and shift without breaking. In a world where threats will continue to evolve, that’s the only strategy which will stand the test of time.
