Most of the usage of AI is expected to augment rather than necessarily replace cybersecurity professionals. As the overall size of the attack surface continues to expand it’s simply not feasible for cybersecurity teams to defend against every possible threat without some additional help. There are already millions of cybersecurity positions that are not being filled because of a chronic skills shortage. At the rate at which cybersecurity students are being trained most of those positions might never be filled.
AI, of course, will have a significant impact on the cybersecurity profession. Many entry-level cybersecurity positions will be eliminated because most of the tasks performed by those individuals will become automated. The amount of salary that cybersecurity professionals might be able to command should also be impacted. Salaries are usually a function of supply and demand. As AI becomes more pervasive, demand for cybersecurity expertise in the form of a human will ease somewhat.
Like it or not, the fact is that AI applications don’t ever suddenly take a new job, get sick or forget anything they’ve learned. The cost of setting up those AI applications will also continue to fall to the point where the cost of employing a machine to perform security task will be less expensive than hiring a hiring a human to perform the same task.
Naturally, none of this is going to occur overnight. AI applications are only as good as the algorithms on which they are based. Those algorithms require access to massive amounts of data to identify patterns. Someone with cybersecurity expertise needs to train those algorithms to recognize various types of attacks. As the attack vectors shift, someone will also need to train new AI models capable of recognizing those new patterns. While the amount of time required to train an AI model is starting to be reduced, it still requires a significant amount of time and effort to train algorithms to handle cybersecurity tasks. In fact, there’s likely to be a need for new algorithms to be developed specifically for cybersecurity. Most of the algorithms being employed in AI applications today were developed decades ago.
The one thing that will change sooner than later is increased reliance on cloud security services. The only way to cost-effectively aggregate all the data required to drive an AI application is to employ a cloud service. In effect, the shift to cloud security is a prerequisite for developing AI applications.
Cybersecurity professionals should assume their adversaries are making similar investments. It’s already apparent cybercriminals will be leveraging AI algorithms to discover vulnerabilities, which bots will then be able to target with greater precision at much faster rates than ever before. Increased reliance on AI to help thwart those threats will be required. In fact, the future of cybersecurity might be one where algorithms occasionally augmented by human intelligence do battle against one another.
In the meantime, cybersecurity professionals should start getting used to the idea that their next team member may not be a human. They’ll be able to communicate with that new team member via natural language processing (NLP) models crafted by the developers that created the application. But don’t expect that new team member to be overly empathetic the next time you make a mistake.
This article was originally published here.