There was some controversy emerging from the most recent RSA conference when the CTO of RSA - Zulfikar Ramzan - was quoted saying "I think it (the technology of machine learning) moves the needle," he said on Wednesday. "The real open question to me is how much has that needle actually moved in practice?" What he did not address is the intelligence that is going to change the entire industry.
This is probably an understandable reaction to the state of the market for security products and services today with all manner of technology product vendors and service providers claiming their "solution" uses the latest ... machine learning, cognitive (my favorite marketing buzzword term) and artificial intelligence ... take your pick, powered security Swiss Army knife. Moreover, this has been going on now for a few years as new end-point detection and recovery systems have hit the market powered by AI, and all manner of other security tools.
The point Zulfikar is/was trying to make is that it is hard trying - for some- to decrypt marketing buzz from reality when it comes to the latest AI-powered security tools. But I think this attitude is condescending. Most IT security buyers that have been around more than a few years have specially equipped radar for BS and can smell it in the air. What did not get covered at the RSA conference is the huge impact AI is going to have on the entire industry, impacts that will not be too far in the future.
Whatever else you think about data mining, data engineering, machine learning, cognitive computing and artificial intelligence, its uses for cybersecurity will include the automation of:
- Level 1/level 2 labor skills by digital labor
- Level 3/level 4 labor skills by digital intelligence
- Most end-to-end security processes for identity, access, detection, response, recovery and compliance
The use of machine learning is well on its way to incorporation into other aspects of digital systems used by enterprises. These uses include functional and role-based business processes, end-to-end business processes, and processes operating across value chains from customers to suppliers and distribution networks. These use of AI in the business are also seeing parallels in IT operations and IT service management processes that operate and support the business. The same is already emerging for silo and end-to-end cybersecurity processes involving digital data, events, and people.
The impacts of using smart machines to automate security processes will radically alter the labor market for security, the processes used by enterprises to operationally manage the integrity of its systems and data, and the procedures used to manage acceptable risk. The changes in the labor market especially will call for new skills - data and analytics skills - that are missing or non-existent among some to many of today's security practitioners. The skills gap the technology creates will be filled by AI-enabled digital labor security systems that learn from the most skilled and grow smarter each month. This could lead to a hollowing-out of the demand for entry-level older plug-and-chug operate the equipment labor skills while creating increased demand for entry-level security data and analytic skills.
If you are in cybersecurity today, and you want to remain in it in the future, now is the time to develop the data mining, data engineering, machine language programming and cybersecurity data science skills that will define the security industry of the now, near and medium-term future. You owe it to yourself to develop these skills today.