Artificial Intelligence (AI) has become an indispensable tool in the field of cybersecurity. As the threat landscape continues to expand and cyber criminals leverage AI for malicious purposes, cybersecurity professionals must stay ahead of the curve by embracing AI technology.
Tom Vazdar, a seasoned Chief Security Officer, emphasized the importance of learning AI in cybersecurity, stating:
We need to learn about the techniques and tools that cyber criminals are using, and we need to build the defense. We need to understand how the offense works to stay ahead.
By understanding the offensive capabilities of AI, cybersecurity professionals can better prepare themselves to counter emerging threats. Moreover, AI can significantly enhance the efficiency and effectiveness of various cybersecurity tasks. As Tom explained:
With the implementation of AI in cybersecurity, you can automate many processes much faster and more diligently, reducing the need for extensive manual labor.
Free IT Security Policies
Get a step ahead of your goals with our comprehensive templates.
This automation can streamline documentation, incident response, and routine tasks, freeing up valuable time and resources for more critical projects.
Jonathan Todd, an AI security researcher with a strong software engineering background, highlighted the potential of AI to empower cybersecurity analysts with greater accessibility to information.
AI has consolidated the accessibility of information and the speed and velocity of that accessibility. Analysts can now focus on the fundamentals of the profession and grab the information they need as they need it, rather than memorizing every nuanced command or protocol.
By leveraging AI, cybersecurity professionals can enhance their capabilities, stay ahead of emerging threats, and streamline their workflows, ultimately bolstering the overall security posture of their organizations.
What Is The Best Way Cybersecurity Professionals Can Learn AI?
While the prospect of learning AI may seem daunting, both Tom and Jonathan offered valuable insights into effective approaches for cybersecurity professionals and enthusiasts.
Jonathan, a software engineer himself, advocated for learning to code and utilize AI APIs.
I would encourage people to graduate beyond just using the chatGPT web app and actually learn to use their API. Then, you’ll be able to script out multi-step queries and leverage the results of one query to inform the next steps.
By mastering coding and AI APIs, professionals can automate and streamline their workflows, maximizing the potential of AI. Tom, on the other hand, emphasized the importance of understanding processes and the role of AI within those processes.
You really need to understand your processes to see how you can change them with AI. Once you understand your process, you can see how to automate parts of it using AI in the background.
This process-oriented approach ensures that AI is seamlessly integrated into existing workflows, optimizing its impact. Both experts agreed that continuous learning and networking are essential components of mastering AI in cybersecurity.
As Tom stated:
You need to network a lot, understand what’s happening in the industry, and pursue continuous education. This is a 24/7 lifestyle, not just an 8-hour workday.
The rapid pace of AI advancements necessitates a commitment to lifelong learning and collaboration with like-minded professionals.
Will AI Change The Traditional Career Path To Land A Job In Cybersecurity?
The advent of AI is poised to reshape the traditional career paths in the cybersecurity field. While formal education and certifications remain valuable, the accessibility of information and the ability to learn and demonstrate skills through practical projects are gaining traction.
Learn More: Is AI The Future Of Penetration Testing?
Jonathan, who has no formal degree in cybersecurity, challenged the notion that a traditional academic path isn’t essential.
I have a superior with a master’s degree who is now asking me for help getting a job in the field because hiring decisions don’t seem to respect that degree as they used to. With the accessibility of information, including AI, it’s easier now more than ever to bootstrap that education and make projects, launch labs, and network.
However, Tom acknowledged the value of formal education, suggesting that new degree programs in AI and cybersecurity are emerging to meet the evolving demands of the industry.
You still need to go to university and gain your education, but you also need to understand whether you want to build AI in cybersecurity or use AI in cybersecurity.
As AI continues to democratize access to knowledge and skills, the traditional career path may become less rigid. Professionals with a passion for self-directed learning, practical projects, and a willingness to embrace AI as a mentor and tutor may find themselves well-positioned for success in the cybersecurity field.
Can AI Lead To Entirely New Job Roles, And If So, What Might These Look Like?
The integration of AI in cybersecurity is not only transforming existing roles but also paving the way for entirely new job roles and specializations. Both Tom and Jonathan offered insightful perspectives on the potential for AI to create novel career opportunities.
Jonathan envisions a future where “AI versus AI” becomes a reality, with cyber criminals leveraging autonomous AI platforms to launch attacks at an unprecedented scale.
The defenders will have to use AI aggressively. It won’t be a matter of should we use it but how quickly can we get to using it as robustly as the attackers are.
This scenario could give rise to new roles focused on wielding AI for defensive purposes, such as AI security analysts or AI threat hunters.
Tom highlighted the emergence of roles like “AI trainers,” who teach professionals how to use different AI models, and “AI auditors,” responsible for implementing and auditing AI systems following standards like ISO 42000.
In addition, he foresees the need for “AI business strategists” to help organizations incorporate AI into their overall business strategies.
Other potential roles mentioned by Tom include “data detectives,” who leverage AI for digital forensics and data leakage investigations, and “AI red teamers,” who use AI to simulate and defend against sophisticated attacks.
As AI continues to permeate the cybersecurity landscape, the demand for specialized roles and expertise in leveraging AI for various security functions is likely to grow, creating exciting new career opportunities for professionals.
What Steps Can Cybersecurity Professionals Take To Begin Incorporating AI Into Their Current Roles And Responsibilities?
For cybersecurity professionals already established in their careers, incorporating AI into their existing roles and responsibilities may seem like a daunting task. However, both Tom and Jonathan provided valuable insights on how to navigate this transition.
Learn More: How LLMs Are Being Exploited
Tom emphasized the importance of continuous experimentation and understanding one’s cybersecurity processes.
You need to experiment all the time to understand how to employ AI in your processes. It’s continuous learning, continuous exploration, and investing time in researching papers and practical applications of different models.
Jonathan highlighted the potential of AI to streamline the learning process and provide on-demand information and guidance.
You can ask the AI where to start and it can give you directions. Your information direction can be given to you in a way that you used to need a mentor or teacher for.
Furthermore, Jonathan highlighted the potential of AI in the realm of compliance and governance.
Compliance professionals with AI will be able to automate and continuously assess compliance, rather than relying on snapshot-in-time assessments. AI can broadly and robustly verify that many compliance requirements are being met.
By embracing a mindset of continuous learning, experimentation, and leveraging AI as a tool for guidance and automation, cybersecurity professionals can seamlessly integrate AI into their existing roles and responsibilities, enhancing their efficiency and effectiveness.
What Is The #1 Trend In AI Security?
Several trends in AI security are emerging that demand the attention of professionals and organizations alike. According to Jonathan, the issue of trust and trustability in AI systems is a significant trend in AI security.
The number one question I’m seeing is how well we can trust these models. Professionals must learn when to use large language models, how to sanitize their input, and also learn to respect the fact that they can’t sanitize user input when it comes to large language models.
Jonathan also cautioned about the potential for “prompt injection” attacks, akin to the infamous Log4J vulnerabilities, where attackers could bypass mitigation techniques by exploiting the inherent unpredictability of natural language processing models.
Tom, on the other hand, highlighted the trend of “multimodal AI” as the leading development in AI security.
We’re not processing just single data anymore; we’re processing text, images, sound, and everything at once. This is the next level, and without AI, it’s nearly impossible to handle this complexity in cybersecurity.
Wrapping Up
As AI systems become more sophisticated and ubiquitous, addressing issues of trust, security, and the integration of multimodal data will be paramount for cybersecurity professionals and organizations alike. Staying ahead of these trends will be a requirement in mitigating emerging risks and leveraging the full potential of AI in the cybersecurity
Article by
