Cybersecurity / Cybersecurity

The Changing Roles within Cybersecurity Due to AI

By June 11, 2020

  • facebook
  • twitter
  • pinterest
  • linkedin

During this panel, industry experts (showed above) discussed the changing roles within the cybersecurity industry due to AI. We’ve included a short transcription of the panel, beginning at 28:38 of the webinar.
Watch the full webinar here.

Brennan Lodge, Goldman Sachs: Are there roles within your certain SOCK that are changing because of AI? Are the expertise/the talents adjusting to meet the demand of automation and, talking about some of the topics that we talked about earlier, the enrichment, the prediction on assisting their analysts. So I'll pass it over to you, James, on Talent. 

James Lindsay, Department of National Defence: Yeah, so the biggest issue I find with cyber teams and SOCKS is, a lot of them just believe AI or machine learning is just one big hype cycle. So they'll be like ‘we've been here before ten years ago, they had expert systems. It was just a couple list statements that attackers could figure out the ways around them. If I just keep my head down all you guys will go away in a couple years when the hype cycle ends.’ So I try to create an AI-enabled workforce within DoD. 

I gave a lot of professional development presentations, but this is probably my most requested presentation, where I just go through, over an hour, on why this is not a hike cycle and on why things like deep learning are revolutionary technologies and it is worth your time to invest to learn how AI systems work, to learn how machine learning systems work, learn how deep learning systems work, to structure your data so that we can actually use it to train systems. So that is what I find our biggest challenge is. 

Within DoD, we work more of trying to create our own workforce instead of trying to actually be part of the ‘war for talent.’ Like you said, it is a unicorn statement that both cybersecurity and AI-expertise things. So we're trying to do a lot of it from within but that is the biggest problem I've run into as we try to introduce a lot of AI and especially, say the machine learning and deep learning technologies within DoD. 

Why is it important to structure your data? That;s our biggest challenge is people just think it's a hype cycle and that's where I spent actually most of my time, trying to work with our workforce to try to destroy that notion. 

Brennan Lodge, Goldman Sachs: Marcus. You're chomping at the bit to chime in here. Go ahead. 

Marcus Fowler, Darktrace: James, great comments. In just the year that I've been in that vendor space, which was in and of itself a whole weird jump for me after 23 years of Public Service, the ability to understand and recognize that AI is no longer just an emerging technology, but a present technology. That comes also with how you couch what you talk about when you’re talking about AI. 

Whenever I'm talking about it, I'm starting by the narrow AI and the complex tasks. Thinking about machine learning, it's not going to pass the Turing test. But it is very good for these bound complex problems, especially like cybersecurity, when you're coming at it the way that we do, which tends to be understanding your digital environment and enforcing that normal. Not trying to predict threat hackers and threat attacks, which is, again, a bit of a flip of the other side of the coin of how complex that task and what you're trying to predict is. 

The second in terms of the workforce and the skills that are out there, our approach has been making AI as approachable as possible by any number of types of skill sets by giving some model editing capability that actually doesn't alter the unsupervised learning. You're not playing with the AI, but you are able to get creative in terms of prioritizing things you care about in the model or say you're prioritizing and have some way to assist with some of that false positive or prioritization without putting the entire AI at risk for the unsupervised learning at risk because you're kind of meddling with it as you work. So really bringing more accessibility to that technology, without necessarily having to have a super skilled workforce because I'm talking about small and medium businesses, you're really not going to find those skills there nor do they have the time to invest in them. 

Brennan Lodge, Goldman Sachs: And Marina? 

Marina Kaganovich, BNP Paribas: Yeah, excellent points, both James and Marcus. My perspective is slightly different coming from a legal and regulatory background. The biggest issue that I'm seeing in terms of talent is a lack of tech fluency or tech savviness and that's something that can no longer be ignored because even as we're seeing regulations like rules/guidance develop, we're having conversations with senior managements and with boards of directors. Phrases like access right controls and multi-factor authentication or coming up. So it's no longer ok to not know what those things mean. They need to become part of our typical vernacular. And so there needs to be a little bit more work done to get folks up to tech speed.

When you're speaking the same language, it helps a lot in terms of being able to partner across different teams and certainly within the IT divisions and with cybersecurity and also just more generally in supporting businesses’ digital transformation.

Learn more and watch the full video on YouTube:

Recent Posts