Cyber Experts vs Artificial Intelligence
A discussion I often find myself engaged in is where investment should be focussed when it comes to cybersecurity - human or machine. Inevitably this conversation can invoke a degree of impassioned exchanges, dependent on the proposed purpose of the investment into artificial intelligence (AI). Where it is envisaged AI can augment a security team's capabilities, there is consensus it can provide tactical or strategic benefits, but where the proposal is to utilise AI instead of investment into human capital, the discussion deviates from a logical conversation into an emotive debate. Like most thing in life, it's all about balance.
Allow me to preface this article by stating I am an advocate of investing into cyber experts, and the education of those with a passion or interest in entering a sector that is in dire need of human investment. I also state I am fortunate in that my team is a group of incredibly talented and accomplished security experts, who consistently make me proud of both their expertise and professional approach to their work.
We are, however, in the midst of a cyber security skills shortage, where the shortfall of experts has been forecast to reach 1.8m by 2022, according to the Frost & Sullivan 2017 report on 'Global Information Security Workforce Study'. With this in mind we are not only facing a scarcity today but a potentially widening gap over the next four years. Investment into STEM subjects is crucial, within which cyber security is essential as our data-driven society grows into an everything connected world.
This skills 'gap' places our corporations in a precarious position when it comes to embracing innovative business opportunities like IoT. We may not have the prerequisite expertise to guarantee these new technologies maintain the integrity and security of the data they collect.
In 2016 the UK Government pledged to invest £165 million in cybersecurity start-ups, with a total spend in the cybersecurity sector of £1.9 billion by 2020. This investment included establishing a new National Cyber Centre and employing and training around 1900 staff. There have also been programmes launched in recent years like ‘CyberCenturion’, a joint initiative backed by Northrop Grumman (Cyber Security Challenge UK), which aims to get 12 to 18 year-olds hooked on cyber security through competitions and team challenges. While these investments are essential and welcomed, nefarious actors operating within this space outnumber the cyber-security community, and these measures will take time to impact the shortfall. We need to look beyond our traditional approaches to this long-term problem, and how new methods and tactics can be employed to provide our pressured experts help in their battle to maintain the integrity and security of our networks, and thereby our world. Artificial intelligence (AI) can provide this much-needed breathing space.
The principle behind the application of artificial intelligence in cybersecurity is focussed on machine learning and designed to augment the security specialist’s capabilities. It provides a mechanism to accelerate data interrogation and assessment, with the focus on intrusion mitigation through detection and response. Machine learning algorithms can trawl through large data sets at speed, enabling rapid decision making based on emerging patterns and abnormal activity. This automated process can remove the 'noise' and allow security experts to focus on the real threats.
I spent this week at InfoSec 2018 in London as a guest of Symantec, giving two interactive talk sessions each day with David McClelland. We used our time in the morning to examine corporate prioritisation of cyber security, and the afternoon spot to discuss future cyber wars, where we also debated the skills shortage and employment of machine learning (AI) to augment our pressured security community. Travelling the halls at Olympia between sessions, I saw several vendors, established and new, leveraging machine learning to provide automated security defence. Conversations with these vendors revealed their objectives were closely aligned, as they aimed not to replace experts, but to cut through the vast quantities of data produced by security tooling, thereby allowing experts time to focus on security policies and strategic planning rather than reactive support. It was encouraging to see these technologies positioned to assist the expert community.
While exploring Olympia, I was also encouraged when approached on a few occasions by individuals currently studying security based degrees. They had seen my chat with David regarding the future of cybersecurity and wanted to discuss their aspiration for careers in the security sector. It was refreshing to take time out of a packed day to absorb the enthusiasm of these students who may become our future defence experts, and looking at the salaries now commanded by security analysts it is clear to see the appeal. The US Department of Labour is forecasting median pay for a cyber security analyst will reach $100k in 2018, meaning it is the right time to enter this domain if you are contemplating a career in cyber security. Talking to ISACA about footfall at their stand, it was encouraging to hear they had been busy each day advising individuals looking to enter the security sector and hopefully contributing to reducing the skills shortage we currently face.
We opened this article with a question about achieving a balance between investing in experts and investing in technology. It is encouraging to see that we have the means to do both and that the purveyors of AI technology view their services as a tool for experts rather than a replacement.
The conversations I have had this week have left me feeling optimistic about our defensive capability as a society. Yes, we have a present shortage of skilled security experts, but we appear to have a good deal of interest from those in education or looking to change focus. In the meantime, we have innovative security firms offering us a means to alleviate the pressure on our existing experts, through the employment of artificial intelligence to bridge the gap between today's shortfall, and tomorrow's growing cyber workforce.