Will AI replace cybersecurity teams completely?
Cybersecurity issues have been increasing across the board, in every conceivable metric. Cyber-attacks have been picking up in frequency, in the sophistication of assaults, and in the intensity of the damage that is dealt to the organization’s data and systems.
The average breach is reported to cost businesses US$3.6 million, according to Ponemon Research, going up to US$350 million for those of a larger scale. Successful attacks are a case of ‘if’ not ‘when’. More or less every business relies on connectivity today, while a shift to remote work demands even more need for trusted and secure network infrastructure.
But finding skilled professionals to deploy and manage effective cybersecurity initiatives is proving the biggest struggle. According to research last year by IT security organization (ISC)², there are 2.93 million unfilled cybersecurity positions around the world.
Naturally, given a shortage of expertise and the evolution of technology taking place constantly, automation has been eyed as the solution to this skills deficit. That makes sense, and the cybersecurity solutions market is so busy and competitive that these kinds of tools are becoming available to reduce the growing burden of work on existing professionals.
Until now, automation has not been regarded as a “fix-all” solution in cybersecurity, with the “human factor” – advanced knowledge and experience – considered the most important aspect of information security.
However, a new report by Trend Micro found that two-fifths (41%) of IT leaders believe AI will replace their role by 2030, with the cloud security firms predicting that remote and cloud-based systems will be targeted ruthlessly in 2021.
The research was based on interviews with 500 IT directors and managers, CIOs, and CTOs – and likely won’t do much in attracting new professionals towards a long-lasting career in information security, or infosec.
Just 9% of respondents were confident AI would definitely not replace their job within the decade and close to a third said they thought automation technology would eventually replace almost all need for cybersecurity professionals.
In this new age of cybersecurity, just shy of a quarter of IT leaders believe data access will be tied to biometric or DNA data, making unauthorized access theoretically impossible, while security will be self-managing and automated.
Already, machine learning has applications in advanced threat detection and stopping insider threats, which require a more nuanced approach to monitoring and response. Sophisticated attacks that move laterally within a network or breaches caused by unwitting access to sensitive information can be tackled by automated and intelligent anomaly detection.
AI and machine learning can enable analysts and security teams to paw through masses of log and event data from applications, endpoints, and network devices to conduct rapid investigations and uncover patterns to determine the root cause of incidents.
As the threat landscape evolves, and the cost of a cybersecurity breach becomes increasingly catastrophic for small and large businesses alike, AI and machine learning will hand organizations improvements in detection speed, impact analysis, and response.
Automation will undoubtedly replace numerous roles, or at least many aspects of them, within the coming years. And ten years is a long time in IT. That said, cybersecurity experts will likely remain in demand as human oversight of AI and automation programs will remain necessary.
Bharat Mistry, Technical Director at Trend Micro, said: “We need to be realistic about the future. While AI is a useful tool in helping us to defend against threats, its value can only be harnessed in combination with human expertise.”