LinkedIn’s Jeff Bollinger on the Role of Human Intuition in Addressing Security Challenges

In this episode, Jack Naglieri speaks to Jeff Bollinger, Director of Incident Response and Detection Engineering at LinkedIn, who shares valuable insights on his journey in security, key technological shifts he's witnessed, and his approach to threat intelligence, incident response, and monitoring. 

Jeff highlights the importance of contextual understanding in security operations and emphasized the critical role of human intuition, adaptability, and creativity in addressing security challenges. He also discussed the need for a balanced team with diverse skill sets and his views on the evolving role of AI in security operations.

Topics discussed:

• Technological shifts in the field of incident response and detection engineering, from the Y2K era to the present.
• The nuances of monitoring behaviors and moving towards higher-level monitoring: it’s useful but imperfect because humans can be unpredictable.
• Automation in security operations and how human analysts are still important and relevant because they have intuition that AI does not.
• Incorporating threat intelligence effectively in security programs: knowing what your scale is and what threats correspond to it.
• Building effective incident response programs and key considerations in security operations.  

Resources Mention: 

• Jeff Bollinger’s website & portfolio 
• Jeff Bollinger on LinkedIn