How AI can improve the skills of security experts
Even though AI has long been a part of security, companies are eager to incorporate these technologies into security workflows because of the next wave of generative AI capabilities.
Although artificial intelligence (AI) has long been a part of cyber security from automation to machine learning its recent development has opened up a world of opportunities for the sector.
Businesses must have a thorough grasp of how AI may be used to further their goals, just like with any new technology. This is especially crucial for contemporary cyber security.
AI has the potential to improve human talents and address problems in a wide range of fields, and cyber security companies are no exception.
Machine learning in particular has been included into systems to assist with log analysis, threat prediction, vulnerability scanning, and better tools. In order to maximize workforce augmentation, organizations are now looking for ways to further optimize and leverage these new services in addition to their current toolkit, thanks to the introduction of generative AI.
AI is causing a significant change in cyber security.
According to Splunk study released this year, 91% of security teams and the vast majority of surveyed firms (93%) believe they have now implemented generative AI solutions in some capacity.
Undoubtedly, there is a rush to use these tools, as seen by the fact that just half of security teams in enterprises indicate they are actively building a company policy on generative AI, and 34% of teams operate without one. This is in line with earlier study by Acumen, which predicted that by 2030, the market for artificial intelligence in cyber security will grow from $14.9 billion, when ChatGPT initially appeared, to $133.8 billion.
This is an inflection point, according to executive vice president and general manager of security and collaboration at Cisco, Jeetu Patel, who recently highlighted the sheer scale of the sea change the security industry is about to experience.
In his keynote speech at the RSA conference, Patel stated, “The cyber security industry is about to have a pretty seismic change in the way that it’s going to operate.” “I believe you may begin to see us entering a level of abundance for the first time in human history.
Our ability to increase human capacity will be so profound and develop at such different rates and magnitudes than anything we have ever witnessed that, if you had a team of, say, twenty developers, you could easily expand that number to one hundred through the use of digital workers.
Using AI to improve workflows for cyber security
According to the Splunk report, there are various ways that cyber security professionals can use generative AI tools to improve their daily workflows. Technology is considered a “force multiplier” since it may help with a number of activities, including as risk identification, threat intelligence analysis, threat prioritization and detection, and data summarization.
The development of large language models (LLMs) in particular has made it possible for professionals to quickly and efficiently compile vast and varied datasets and provide information faster than any human could. LLMs can also identify signs of compromise and attack strategies, compiling this data into an intelligence report.
By using generative AI to search through potential occurrences and prioritize and triage warnings that would have otherwise been misclassified even if there was only a slight chance of that happening the potential for human mistake can also be reduced.
Lastly, by distilling the material into a more readable and concise style, generative AI techniques can assist security personnel in summarizing recent changes to national and international laws and policies.
Red Hat claims that the pattern recognition capabilities of AI may also be used to identify irregularities in cyber security, which could be signs of impending assaults. More specifically, machine learning models are able to recognize ‘typical behavior’ in a system and detect anomalies or outliers. Cyber security professionals can spend more time on vital work and worthwhile initiatives by using AI to automate manual processes.
Likewise, generative AI tools can be used to help cyber security professionals review source code alongside configuration and infrastructure code.
Finally, attack simulations can be run on the code to test whether common attack types may exploit as-of-yet undetected vulnerabilities.
Avoiding ‘silver bullet’ syndrome with AI adoption
The danger when a technology like AI comes around is that teams within organizations see it as an easy-to-implement solution that won’t require any preparation or planning – especially one as intuitive and user-friendly.
Chris Stouff, the CSO of Armor Defense, stated in an interview with ITPro earlier this year that it’s critical to understand both the advantages and drawbacks of technologies like AI assistants. Specifically, teams should not consider AI to be a stand-alone solution that eliminates the need for a security operations center (SOC) and should consider it “dangerous” to perceive AI as a cyber security “silver bullet.”
It chimes with Splunk’s findings that a lack of process and planning “could come back to haunt security teams”, just as businesses struggled with a lack of preparation during the emergence of cloud and the internet of things (IoT). According to Red Hat, special attention needs to be paid to the potential for AI to grow the attack surface of a business, particularly if tools are not properly configured.
Although AI can be used for good or bad, like with any new technology, businesses naturally want to incorporate new AI services into their processes as soon as possible. Businesses must prioritize careful planning, set clear policies and processes, and make sure these aren’t seen as a catch-all or silver bullet that means relaxing other measures and legacy processes that the technology might not be good enough to emulate just yet if cyber security professionals are to get the most out of this technology.
Discover more from
Subscribe to get the latest posts sent to your email.