Pending ...

When Machines Learn to Prime: Rethinking Autonomous Security Operations

At ISOG’s “I AM SECURE 2025” Forum, Human Managed CEO Karen Kim explored how human intelligence can inspire a new kind of AI-powered cybersecurity — one that’s truly primed for outcomes.

I've always found how our brains (and gut) works quite fascinating. Like when you're walking through a familiar area and yet something just feels off. You can't quite put your finger on it, but your brain is screaming that something's not right.

That's priming at work. Your brain is constantly taking fragments of memory, experience, and knowledge, then mashing them together to make split-second judgments about new situations. It's what makes human intelligence so powerful, and so frustratingly hard to replicate in machines.

This disconnect between human intuition and machine capability was at the heart of our CEO Karen Kim's recent keynote at the ISOG Forum 3 (I AM SECURE 2025) event, where she unpacked this question:

How do we build autonomous security operations that actually work?

The Jollibee Test: Why Context Matters

Thekeynote opens with a thought experiment that perfectly captures the priming problem.

Slide2.jpeg
“Imagine walking down a street in Makati and seeing a Jollibee—but instead of the cheerful bee mascot, Ronald McDonald is standing there. There's a green car parked out front, doors wide open, completely empty.”

Your brain would immediately flag this as suspicious. Not because any single element is inherently dangerous, but because the combinationdoesn't fit your mental model of how the world should work. That's priming in action.

“This is what human intelligence is all about. It’s what makes us so powerful,”

But while humans excel at judgment, reflection, and emotion, our intuition is also biased and inconsistent. Machines, on the other hand, are the opposite — consistent, fast, and tireless, yet blind to context.

And that, according to Karen, is the challenge modern cybersecurity faces today.

Why Human + Machine Still Isn't Enough

In today’s hyper-connected environments, cybersecurity teams are overwhelmed — billions of alerts, overlapping data streams, and constant fatigue. Relying solely on either humans or machines is no longer enough.

“Modern security operations cannot succeed without machines being primed for outcomes,”

This means going beyond automation for automation’s sake. It’s not about feeding machines more data; it’s about teaching them to interpret, contextualize, and act the way humans do — but at scale and without bias.

Six Intelligence Blocks: Teaching Machines to Prime

Instead of building one massive AI solution,we took a page from how human intelligence actually works.Each part of the system represents a different kind of “intelligence,” working in parallel toward specific outcomes:

Slide7.jpeg
  • Discover – Uses linguistic and spatial intelligence to map and understand the environment.
  • Detect – Leverages numeric and sensory intelligence to spot anomalies and shifts from baseline.
  • Profile – Builds emotional and reflective intelligence by assessing asset trust and behavioral patterns.
  • Triage – Combines numeric and reflective intelligence to prioritize and reduce noise.
  • React – Informs reflective intelligence to determine the best next steps.
  • Resolve – Uses emotional intelligence to assign response actions with confidence and context.

Together, these blocks form what Karen described as “autonomous SecOps” — not a single, monolithic AI, but a network of specialized models that mirror how humans think, feel, and decide.

“Autonomous SecOps is not about creating one giant solution. It’s about creating specialized models, each primed for a specific input, process, and output.”

Why This Matters Beyond the Buzzword

As cybersecurity leaders rush to adopt AI, the key takeaway from Karen’s keynote is clear: AI should not replace human judgment — it should be trained by it.

By blending human intuition with machine consistency, organizations can move toward truly intelligent SecOps — one that’s proactive, context-aware, and outcome-driven.

“At Human Managed, we are not only building (autonomous SecOps) — we are running it today.”

The Path Forward

If there's one thing I took away from both the keynote and conversations at ISOG Forum 3, it's this: The future of cybersecurity isn't about choosing between human intuition and machine processing. It's about training machines to prime: to combine fragments of context into meaningful judgmentso that when human and machine intelligence come together, we achieve something neither could alone.

When humans and machines learn from each other, cybersecurity transforms from reactive firefighting to a living, learning system — one that’s always a step ahead.

Want to dive deeper into how these six intelligence blocks work together? Watch Karen's full keynote from ISOG Forum 3, where she breaks down each model with real-world examples of autonomous SecOps in action.