How AI and ML Are Changing Cybersecurity in the Enterprise
By Terri Coles
The increasing importance of artificial intelligence and machine learning in enterprise cybersecurity makes the essential role of cybersecurity expert more difficult to hire for. The importance of cybersecurity is clear, but the field is both difficult to staff adequately and changing quickly. Some of those changes are coming thanks to the increasing importance of artificial intelligence and machine learning in the field.
As a result, enterprise cybersecurity staff are both gaining access to new capabilities for their jobs and adjusting to a quickly changing technical and regulatory environment. AI/ML has a direct effect on cybersecurity teams and brings a whole new set of needs to the enterprise,” said Bob Peterson, CTO architect at Sungard AS.
AI and ML provide new capabilities to automatically detect and respond to security events, which frees up staff to work on higher-level or more complex issues, Peterson said. What that means, though, is that team members have to understand cybersecurity concepts as well as how AI and ML work with their systems. In particular, when an organization builds its own AI/ML tools, a variety of experts are required, Peterson said.
“The team requires domain experts that understand the security data and how it is generated, data analysis and data science experts that understand data analysis techniques, and AI/ML experts that translate this information into the right models and algorithms,” he said. Creating and maintaining the AI/ML system require the joint efforts of all these contributors.
Challenges in Hiring
Hiring for cybersecurity is already challenging, Peterson said. “There are many different disciplines within the field that require different knowledge and skills, and the rapid pace of change in the IT space puts additional strain on recruitment,” he said. The industry also has a significant lack of diversity, points out Sivan Nir, threat intelligence team leader at Skybox Security—only 20% of security professionals are women, and just 26% in the U.S. are from marginalized communities. “This is a big problem because cybersecurity, in particular, is a field that thrives on diversity,” Nir said. “If you think about who we are up against, cybercriminals come from diverse backgrounds, so it is crucial our teams have different points of views and a variety of thought processes.”
A Shifting Landscape
Ultimately, the increasing importance of AI/ML in enterprise cybersecurity will soon add an additional hiring requirement to consider, said Oliver Schuermann, senior director of enterprise product marketing at Juniper Networks. “Understanding AI/ML will be another item in the already lengthy list of things required to be an ‘expert,’” Schuermann said. The needed skills outpace the candidates available to fill them, Peterson said, and experts need to understand both legacy technologies and newer ones such as cloud storage and software-defined networking. Juniper Networks hires in San Francisco and Bangalore, India, and has come up against a shortage of candidates in both areas, according to Sherry Ryan, the company’s vice president and CISO.
The difficulty in cybersecurity recruiting is a strong argument for growing and promoting talent internally, Peterson said. “The employee needs to be given opportunities and find ways to grow within the organization, and should be constantly learning and putting in effort to succeed,” he said. When hiring from the outside, be willing to think outside the box, Peterson suggested. “Sometimes it is easier to find someone with a needed skill who does not really understand cybersecurity,” he said. “It may be easier to educate them on cybersecurity versus the technology skill itself.” And Nir points out the importance of making people—especially girls and underrepresented groups—aware of tech and cybersecurity as a career path from a young age. “Working in technological fields should be seen as exciting, not intimidating,” she said. “Cybersecurity, in particular, is never boring—it tackles real-world challenges at a fast pace every day.”
In technology industries, hiring evolves as a matter of course, Schuermann said. “AI and ML will continue to evolve, as will adjacent technology concepts important to security, such as automation,” he said. “The threat landscape continues to change, and we must remain in motion with it to adequately define our enterprise.” However, even when new or developing technologies like AI and ML come to bear on a role as they have with cybersecurity, the role itself does not necessarily fundamentally change. “I do not believe that AI/ML is changing the role of cybersecurity experts per se, as we are still evolving the technology,” Schuermann said. “Security experts will have to understand how to utilize the technology beneficially and to do what it is designed to do, which is to reduce the signal-to-noise ratio.”