Cyber Security and the AI Effect

 

To paraphrase a famous pop song, we are living in a technological world, as all things digital look set to take over the world as we know it. Systems driven by Artificial Intelligence (AI) in particular are causing a furore as the human element of roles across certain industries look set to be replaced by machines. So, with the advancing influence of automation, AI and machine learning, what does that mean for those working in cyber security?

Cyber security in fact, may be one of the exceptions to the aforementioned rule as for the most part, the need for the human element remains key in identifying, preventing and responding to breaches. With a tendency for emitting false positives, lack of contextual awareness, huge running costs and of course the risk of the machine itself being hacked; AI and its ilk are for the most part a way off from taking over jobs in cyber security.

What we will see however is the creation and evolution of new job types emerging, with the SecOps and DevOps pieces taking centre stage in the space. As the skills of those hacking grow in sophistication and the nature of attacks become more complex, security professionals must be prepared to work in a more proactive manner. This based on the theory that no system is fully secure, particularly in the face of advancing technologies and mechanics, so cyber security teams must remain one step ahead at all times.

The emerging pieces of SecOps and DevOps, though in existence for some time within the military are really only now coming to the fore on a wider scale through the business world. Working on the premise of what is called ‘threat hunting’, the cyber security professional of the future is expected to apply a different mindset and skillset from the traditional watchman mentality entrenched within cyber security.

Being able to identify unusual patterns on a network in the face of hackers continually throwing out new attack techniques which don’t follow a particular signature is one of the greatest skills required within the evolving security space. So too the talent for deductive reasoning is one to nurture as security professionals must be able to work backwards in the event of a breach to unearth evidence of a possible ongoing intrusion.

Security professionals should also be looking to develop a secondary skillset that encompasses data manipulation and data science approaches, tools and techniques as scripting and coding rise in importance with people programming and developing AI tools around Python and similar. Cyber professionals with experience and expertise in the areas of data analytics, big data, advanced analytics and data forensics will find much of their skillset transferable in the burgeoning SecOps-led space.

As far as analysis skills go, malware analysis is another vital skill every forward-thinking cyber security professional should have in their arsenal. Individuals must be or become proficient in using advanced malware analysis techniques, including reverse engineering malware code. It’s not enough to simply know the threat is there, you will be expected to investigate how it got there to begin with, its capabilities, how it spreads and the impact it could have.

In addition to training up in malware analysis, forensics, penetration testing and incident response, all key areas pertinent to the future of cyber security, professionals in the space must be able to explain their findings and validate their hypotheses effectively. Strong communication skills are key. Being able to convey to the business in a language that can be understood by all facets of that business is essential.

While the practice of threat hunting is aided by technologies such as SIEM, it cannot be fully automated which is where the need for skilled individuals comes in.

For the people with those skillsets the work is very transferable so for the most part we’re going to see a shift in skillsets rather than a loss of jobs. What we’re seeing with AI and automation is simply a maturing of the industry as security professionals fight the hackers with comparable tools.

The type of job roles that cyber professionals could be keeping their eye on in the SecOps, DevOps and advanced analytics space are engineer, developer and data analyst roles, with average UK salaries varying between £50,000-60,000 for perm and around £650-700 day rate for contract roles.

For further training and courses to better prepare for the evolving job types emerging from the expansion of machine learning and AI, institutions like General Assembly are a good place to start. With courses in data science, product development, data analytics and software engineering, cyber professionals can obtain a solid grounding in the skills and tools they need to keep up with the robots!