The lost art of writing things down
I was once enrolled in a programming module back at university. We had been given a task, to code something, so we all sat banging out whatever code we could on our keyboards.
Our professor looked around at our screens and did something that seemed bizarre at the time – he asked everyone to stop typing.
"You're all being incredibly inefficient," he said, "Some of the best programmers I know never start at the keyboard. They clarify their thoughts on paper first, and when they finally get to coding, it's infinitely easier."
Initially, I thought this was just academic nonsense. But reluctantly following his advice, I experienced an "ah ha" moment. Mapping out my ideas, the flow, and the outcomes on paper first helped everything flow more logically. While my coding skills were poor, there was a lot less frustration, and I knew what I was trying to achieve at each step.
Years later, I find myself considering that maybe that lesson was one of the most valuable I've ever received.
The scattergun approach of digital dependency
That early lesson in slowing down to think before acting feels increasingly relevant today, where the rush to digital solutions often replaces the clarity that comes from deliberate, offline thought.
In today's cybersecurity landscape, AI promises unprecedented automation and efficiency. Tools claim they'll automatically detect threats, write secure code or even respond to incidents. Need to draft a security policy? Ask ChatGPT. Looking for threat intelligence? Mindlessly scroll through Twitter (sorry, "X") hoping for inspiration. Trying to architect a secure system? Google for templates.
This creates a scattergun approach to security thinking – firing off in multiple directions without precision, hoping something hits the mark. While there's certainly value in these tools, there's also danger in over-reliance. It feels productive because we're consuming and producing content rapidly, and maybe even solving real issues – but are we actually thinking deeply?
Slowing down to go faster
Just like in the movie "Cars," Doc Hudson explains to Lightning McQueen that when a car loses grip and starts to slide, you need to "turn right to go left." This means turning the steering wheel in the direction opposite the slide to regain control and steer the car into the desired direction.
It seems counterintuitive. Lightning McQueen scoffs and sarcastically asks if Doc lives in opposite land.
But like many things, just because something feels counterintuitive, it doesn't mean it's wrong. Sometimes you need to slow down to go faster.
A few months back, I made what turned out to be one of my best investments – not in cryptocurrency, but in a fountain pen. Nothing extravagant, mind you, a relatively cheap one, but something that forces me to slow down.
For this reason, British Author Neil Gaiman writes the first draft of every book by hand. He says that with a computer you "write that down and look at it and then fiddle with it." But with a pen you "slow up a bit, but you're thinking the sentence through to the end, and then you start writing."
There's something about the deliberate nature of using a fountain pen. You can't rush or you'll smudge the ink. You become conscious of each word, each thought. Whether I'm working through a complex threat model or thinking through the methodology of a research paper, this forced slowdown has become invaluable.
The whiteboard on my wall serves a similar purpose for bigger ideas and collaborative thinking. Those moments of standing back, marker in hand, connecting concepts with arrows and diagrams not only makes me feel like I'm a genius, but it's actually where I have the best insights.
In an age where AI tools can generate ideas, write paragraphs and draft entire policies in seconds, the temptation is to let the machine think for us. But true insight rarely comes from speed alone. Sometimes, the best use of AI is knowing when not to use it—when to step away from the keyboard, pick up a pen or stand at a whiteboard. It's in those slower, analog moments where depth and clarity truly emerge.
Writing as a thinking tool
In cybersecurity, we're often focused on outputs, whether that be the fixed vulnerability or the secure deployment. But I've found that writing is less about the destination and more about the journey.
When investigating an incident or analysing a new attack technique, writing forces connections my brain wouldn't otherwise make. The physical act of writing, whether on paper or board, engages different cognitive processes than typing. It surfaces assumptions, highlights logical gaps and often reveals entirely new avenues of investigation.
Going back to my university days, it reminds me of my final year dissertation. Have I ever gone back to read it? Absolutely not. Has anyone cited it or used it for anything meaningful? Nope. But was it valuable? Unquestionably.
The dissertation wasn't about the final bound document; it was about building the discipline of sustained, deep thinking. It was about learning to organise complex ideas, defend positions with evidence and structure arguments coherently.
Today, with AI tools ready to summarise, generate and even argue for us, it's easy to bypass that thinking process. But outsourcing the writing often means outsourcing the thinking. AI can support analysis, but the insight—the real clarity—still comes from doing the hard work ourselves. Writing is where thought becomes visible, and in a world of instant answers, that slow, deliberate visibility is more important than ever.
The AI automation paradox in security
AI promises to revolutionise cybersecurity. With each passing day, new tools emerge claiming to automate everything from threat detection to incident response. And while these advancements are impressive and necessary, they simultaneously make the human element more crucial than ever.
Perhaps what cybersecurity needs isn't just more automation, but a balanced approach that preserves deep thinking. In my career, the most significant attacks weren't prevented solely by automated tools; they were prevented (or successfully investigated) by security professionals who had developed rigorous thinking processes and an attention to detail that can only come from slowing down and thinking deliberately.
When AI and automation promise to solve all our problems, we must remember that technology should augment, not replace, human insight. Writing things down, mapping out problems and thinking through scenarios methodically aren't outdated practices – they're timeless skills that become even more valuable in an automated world. It's not about resisting progress or technology, I embrace those enthusiastically, but about recognising that some cognitive processes can't, and shouldn't, be shortcut.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Scoop
2 days ago
- Scoop
Gigamon Launches AI Tools For Deep Observability
Multi-phase AI strategy delivers intelligent visibility and automation, sets a new standard for hybrid cloud security and management Gigamon, a leader in deep observability, today announced the first phase of its multi-year AI strategy, introducing foundational innovations designed to help organizations better secure and manage hybrid cloud infrastructure. The initial offerings include Gigamon AI Traffic Intelligence, which delivers real-time visibility into GenAI and LLM traffic across 17 leading engines to enable data-driven enforcement and policy governance, and GigaVUE Fabric Manager (FM) Copilot, a GenAI-powered assistant that simplifies onboarding, configuration, management, and troubleshooting of Gigamon deployments. By embedding AI into the Deep Observability Pipeline, Gigamon expands its value to customers by eliminating blind spots, strengthening governance, and enhancing operational efficiency across modern hybrid environments. We're embedding AI directly into the Deep Observability Pipeline to help customers strengthen cybersecurity with practical, easy-to-implement capabilities that keep pace with the speed and complexity of AI adoption. As GenAI workloads multiply, organizations face surging data volumes, expanding attack surfaces, and growing security risks. One of the most fundamental challenges is simply knowing which AI services are in use. In the 2025 Hybrid Cloud Security Survey of over 1,000 global Security and IT leaders, one in three reported that network traffic has more than doubled due to AI workloads, while 55 percent said their tools are failing to detect modern threats. In response, 88 percent now consider deep observability—combining network-derived telemetry with log data—essential for securing and scaling AI deployments across hybrid cloud infrastructure. 'As GenAI use matures in organizations, we're focused on both AI for security and security for AI,' said Michael Dickman, chief product officer at Gigamon. 'It has never been more true that you cannot secure what you cannot see, making complete visibility into AI traffic and workloads, including shadow AI usage, critical for today's Security and IT teams. That is why we're embedding AI directly into the Deep Observability Pipeline to help customers strengthen cybersecurity with practical, easy-to-implement capabilities that keep pace with the speed and complexity of AI adoption.' Complete Visibility into AI and GenAI Network Traffic: A New Standard for Cybersecurity The Gigamon Deep Observability Pipeline efficiently delivers actionable network-derived telemetry, including packets, flows, and application metadata directly to cloud, security, and observability tools, bringing the complete picture into focus. With the new AI Traffic Intelligence capability, organizations gain real-time visibility into GenAI and LLM activity from 17 leading engines, including ChatGPT, Gemini, and DeepSeek. The capability also allows user-defined targeting of additional LLMs beyond the pre-defined set, extending flexibility and reach. For ease of integration, this intelligence is agentless and applies even to encrypted data in motion, surfacing shadow AI usage and enabling more effective, policy-driven governance. AI Traffic Intelligence enables organizations to: Gain real-time insights into GenAI and LLM traffic across public, private, virtual, and container environments Identify shadow AI, or unsanctioned AI usage, to reduce risk and improve oversight Track usage patterns to inform governance and manage AI-related costs Empower Security and IT teams with trusted, network-derived telemetry to drive informed decisions 'Gigamon has established itself as a trusted source of granular network data, providing comprehensive visibility across highly complex, distributed environments,' said Bob Laliberte, principal analyst at theCUBE Research. 'As AI increases the complexity and volume of network traffic, clear visibility into GenAI activity has become critical. Gigamon is well-positioned to meet these emerging challenges by delivering the requisite insights to monitor AI usage, regain control, and take decisive action.' 'AI is accelerating digital transformation, but it's also introducing security risks and data challenges across hybrid cloud infrastructure," said Chris Konrad, vice president, Global Cyber at World Wide Technology (WWT). 'By integrating AI into its Deep Observability Pipeline, Gigamon delivers the complete visibility and insights our customers need to detect threats, govern GenAI use, and strengthen cybersecurity best practices. At WWT, we're proud to partner with Gigamon to shape the future of hybrid cloud security by delivering the deep observability customers require.' GigaVUE-FM Copilot Simplifies Deployment and Day-to-Day Operations Gigamon also introduced GigaVUE-FM Copilot, a GenAI-powered assistant designed to help organizations onboard, configure, manage, and troubleshoot their Gigamon environments with greater speed and accuracy. Embedded directly within GigaVUE-FM, GigaVUE-FM Copilot enables Security and IT teams to reduce time to insight, simplify complex workflows, and improve productivity. Through a natural language interface, GigaVUE-FM Copilot securely connects users directly to the internal knowledge base and LLM contained within technical documentation, deployment guides, and release notes, delivering fast, context-aware answers. This capability empowers Security, IT, and DevOps teams to resolve issues independently, whether or not they are power users, and reduce reliance on Tier 3 support resources. With GigaVUE-FM Copilot, organizations can: Simplify configuration and management using GenAI-assisted support Accelerate onboarding and feature discovery to improve readiness Instantly search documentation to troubleshoot and apply best practices Reduce Tier 3 support escalations by enabling broader self-service Improve operational efficiency across teams and environments Availability and Roadmap The AI Traffic Intelligence capability is available now for all GigaVUE Cloud Suite customers. GigaVUE-FM Copilot is in early access for select customers, with general availability in 2H25. Additional AI-powered innovations are underway as part of the multi-phase strategy and will be spotlighted at the Gigamon Visualyze Bootcamp, the company's virtual customer conference taking place Sept. 9–11. For more information
Scoop
3 days ago
- Scoop
Ceasefire Holds, But Experts Warn Cyber Tensions Between Iran And The West May Be Far From Over
As a U.S.-brokered ceasefire between Israel and Iran holds for now, cybersecurity experts are urging vigilance—noting that while military activity may have paused, cyber tensions are likely to continue simmering beneath the surface. 'In light of recent developments, the likelihood of disruptive cyberattacks against U.S. targets by Iranian actors has increased,' said John Hultquist, chief analyst at Google's Threat Intelligence Group. 'Iran already targets the U.S. with cyberespionage… and individuals associated with Iran policy should be on the lookout for social engineering schemes.' A new report from cybersecurity firm Radware adds weight to those concerns, warning that the Israel-Iran conflict has seen an evolution into a hybrid war that includes cyberspace. According to their latest advisory: Nearly 40% of global DDoS activity recently targeted Israel, with signs of spillover affecting the U.S., U.K., and Jordan. Hacker groups such as DieNet, Arabian Ghosts, and Sylhet Gang have issued warnings or taken credit for attacks, some aimed at Western nations. AI-generated disinformation and deepfakes have appeared across digital platforms, contributing to confusion and information warfare. 'Critical infrastructure, supply chains, and global businesses could become collateral targets if cyber tensions escalate further,' said Pascal Geenens, Director of Threat Intelligence at Radware. 'The Israel-Iran conflict of 2025 is a stark illustration of how modern hybrid warfare plays out online as much as in the real world.' While the ceasefire has reduced the immediate risk of open military confrontation, experts believe that cyberspace may remain a domain for ongoing friction—especially as cyber operations allow for plausible deniability and targeted disruption. Hultquist cautioned that while Iranian cyber operations may sometimes exaggerate their impact, the risk for individual organisations remains serious. 'We should be careful not to overestimate these incidents and inadvertently assist the actors,' he said. 'The impacts may still be very serious for individual enterprises, which can prepare by taking many of the same steps they would to prevent ransomware.' For now, the digital front may be quiet—but beneath the surface, it's likely that espionage and influence operations are still underway.
Techday NZ
4 days ago
- Techday NZ
Google launches Gemini 2.5 models with pricing & speed updates
Google has released updates to its Gemini 2.5 suite of artificial intelligence models, detailing stable releases, new offerings, and pricing changes. Model releases The company announced that Gemini 2.5 Pro and Gemini 2.5 Flash are now generally available and deemed stable, maintaining the same versions that had previously been available for preview. In addition, Google introduced Gemini 2.5 Flash-Lite in preview, providing an option focused on cost-effectiveness and latency within the Gemini 2.5 product line. Gemini 2.5 models are described as "thinking models" capable of reasoning through their processes before generating responses, a feature that is expected to enhance the performance and accuracy of the tools. The models allow developers to manage a so-called "thinking budget", granting greater control over the depth and speed of reasoning based on the needs of individual applications. Gemini 2.5 Flash-Lite Gemini 2.5 Flash-Lite is intended as an upgrade for customers currently using previous iterations such as Gemini 1.5 and 2.0 Flash models. According to the company, the new model improves performance across several evaluation measures, reduces the time to first token, and increases decoding speed in terms of tokens per second. Flash-Lite is targeted at high-volume use cases like classification and summarisation at scale, where throughput and cost are key considerations. This model provides API-level control for dynamic management of the "thinking budget." It is set apart from other Gemini 2.5 models in that its "thinking" function is deactivated by default, reflecting its focus on cost and speed. Gemini 2.5 Flash-Lite includes existing features such as grounding with Google Search, code execution, URL context, and support for function calling. Updates and pricing Google also clarified changes to the Gemini 2.5 Flash model and its associated pricing structure. The pricing for 2.5 Flash has been updated to USD $0.30 per 1 million input tokens (increased from USD $0.15) and USD $2.50 per 1 million output tokens (reduced from USD $3.50). The company removed the distinction between "thinking" and "non-thinking" pricing and established a single price tier, irrespective of input token size. In a joint statement, Shrestha Basu Mallick, Group Product Manager, and Logan Kilpatrick, Group Product Manager, said: "While we strive to maintain consistent pricing between preview and stable releases to minimize disruption, this is a specific adjustment reflecting Flash's exceptional value, still offering the best cost-per-intelligence available. And with Gemini 2.5 Flash-Lite, we now have an even lower cost option (with or without thinking) for cost and latency sensitive use cases that require less model intelligence." Customers using Gemini 2.5 Flash Preview from April will retain their existing pricing until the model's planned deprecation on July 15, 2025, after which they will be required to transition to the updated stable version or move to Flash-Lite Preview. Continued growth for Gemini 2.5 Pro Google reported that demand for Gemini 2.5 Pro is "the steepest of any of our models we have ever seen." The stable release of the 06-05 version is intended to increase capacity for customers using Gemini 2.5 Pro in production environments, maintaining the existing price point. The company indicated that the model is particularly well-suited for tasks requiring significant intelligence and advanced capabilities, such as coding and agentic tasks, and noted its adoption in a range of developer tools. "We expect that cases where you need the highest intelligence and most capabilities are where you will see Pro shine, like coding and agentic tasks. Gemini 2.5 Pro is at the heart of many of the most loved developer tools." Google highlighted a range of tools built on Gemini 2.5 Pro, including offerings from Cursor, Bolt, Cline, Cognition, Windsurf, GitHub, Lovable, Replit, and Zed Industries. The company advised that users of the 2.5 Pro Preview 05-06 model will be able to access it until June 19, 2025, when it will be discontinued. Those using the 06-05 preview version are directed to update to the now-stable "gemini-2.5-pro" model. The statement concluded: "We can't wait to see even more domains benefit from the intelligence of 2.5 Pro and look forward to sharing more about scaling beyond Pro in the near future."
