The capabilities of artificial intelligence and are accelerating, and many cybersecurity tasks currently performed by humans will be automated. There will still be plenty of work to go around so job prospects should remain good, especially for those who keep up with technology, broaden their skill sets, and get a better understanding of their company’s business needs.
Cybersecurity jobs won’t go the way of telephone operators. Take, for example, Spain-based antivirus company . When the company first started, there were a number of people reverse-engineering malicious code and writing signatures.
“If we still were working in the same way, we’d need hundreds of thousands of engineers,” said Luis Corrons, technical director at PandaLabs.
Instead, the company’s researchers created tools that do most of those jobs.
“Being realistic, no company could afford that,” he said.
, Bloomberg’s venture fund that invests in early-stage tech companies.
There’s a great shortage of talent in the industry, and a growing need for security professionals, she said.
AI tools will put more power in your hands
AI promises to automate repetitive tasks and those that require the processing of large amounts of information.
But the industry needs that, since there’s too much for humans to process on their own.
“It’s more about augmentation rather than automation,” said Klein.
That’s been a common theme for the cybersecurity companies she’s been investing in, she said, adding that she is very optimistic about what the AI technology will bring.
“It’s going to help that over-stressed IT guy who is trying to manage everything,” said Dale Meredith, author and cybersecurity trainer at . “It’s going to help him have more time to look at what’s important for the company.”
AI is just another tool, he said.
“And it’s coming along at the right time,” he added. “Think of the amount of data we have now compared to just five years ago.”
New technologies, like the Internet of Things, promise to generate even more data, said Jason Hong, a professor in Carnegie Mellon’s School of Computer Science and an expert in AI and cyber security.
“But over time, will AI will allow analysts to be more productive, automating low level tasks and intelligently alerting the analyst.”
For example, better AI will make it easier for security professionals to sort through mountains of noise to find actual indicators of compromise, said David Campbell, CSO at , a Denver marketing company that suffered a breach last year.
[ ALSO ON CSO: ]
“AI will help speed the identification and prediction of security breaches,” he said. “This will bolster career prospects for security professionals that are adept at divergent thinking, and limit career prospects for more traditional SOC analysts that respond to alerts without considering the larger picture.”
With AI automating out the horrible, routine, cutting-and-pasting jobs, most of the growth in the cybersecurity profession will be in forensic investigations, said Kris Lovejoy, CEO at security firm
That may require additional training, she said—not necessarily a full university course, but something like a SANS training program.
“The security field currently requires lots and lots of manual labor,” she said. “You’ve got folks doing either very entry-level jobs, almost IT administration, and very sophisticated folks with lots of education spending 80 percent of their time waiting for something to load.”
That gets frustrating and burns people out. With automation, the jobs are going to become more interesting—and there might be less churn in the profession as a result, she said.
There will also be new job opportunities when it comes to properly deploying AI tools.
“AI isn’t free,” said Haystax’s Ware. “Many techniques require significant algorithm training, data mark up, and testing that has to be done by humans.”
The care and feeding of AI also involves ensuring that the AIs have highly available, highly secure infrastructure on which to run, said David Molnar, IEEE member and senior researcher at
“Highly available infrastructure because if the AI stops, the business suffers,” he said. “Security, because if the AI gets bad data or the AI is hacked, then the business makes bad decisions.”
The CSO’s job will increasingly be about protecting the AI’s role in business, and understanding the processes around the AI.
And the CSO might also need to act as a mediator between the AI and the rest of the company.