Companies are pouring investments in artificial intelligence at a staggering rate, with the market for AI technologies expected to surpass $1 trillion by 2030, according to several growth forecasts.
Tech giants like Google, Microsoft and Amazon are leading the charge, heavily investing in AI products, research and development. AI has become a ubiquitous topic in boardrooms and among C-suite leaders across a range of professional disciplines — including in the security community.
While AI is a hot topic, organizations still grapple with responsible implementation at scale. A recent survey by ISACA, the global digital trust association, sheds light on the current state of AI preparedness. The survey, titled The AI Reality: IT Pros Weigh in On Knowledge Gaps, Policies, Jobs Outlook and More, reveals several notable data points, including:
- 15% of survey respondents say organizations have a formal, comprehensive policy governing the use of AI technology at their organization.
- 40% of organizations offer no AI training at all and 32% say training is limited to staff who work in tech-related positions.
- 60% are very or extremely worried that generative AI will be exploited by bad actors (such as through more believable phishing attacks).
- 20% are confident in their own ability to detect AI-powered misinformation, and only 23% are confident in their company’s ability to detect AI-powered misinformation.
Taken together, this tells a clear story: AI poses significant threats to organizations that practitioners do not yet feel capable to address and, in many cases, they are not receiving the training needed to get there.
Ramping up AI training
The survey highlighted a widespread acknowledgement that professionals in security and other digital trust fields must prioritize AI training to succeed in this new landscape. More than 8 in 10 (85%) of respondents recognized the need to increase their AI skills and knowledge within two years to retain or advance in their roles.
Regardless of their current AI proficiency, security professionals must embark on a continuous learning journey to keep pace with the rapid evolution of AI and its associated security threats. Even those with existing AI familiarity cannot afford to stagnate, as this dynamic field demands constant upskilling.
To address this need, security practitioners should prioritize foundational training in AI essentials as a logical starting point. Subsequently, gaining insights into the integration of AI technology within cloud environments, as well as exploring crucial areas like AI governance and AI ethics, would be invaluable.
If you’re interested in learning more about artificial intelligence (AI), here are my recommendations:
Take an introductory course: Start with an introductory course on AI that covers the fundamentals, history and key concepts.
Learn about machine learning: Machine learning is a crucial component of modern AI systems.
Explore deep learning: Deep learning, a subset of machine learning, has been instrumental in recent AI breakthroughs. Learn about deep neural networks, convolutional neural networks (CNNs), recurrent neural networks (RNNs), and their applications in areas like computer vision, natural language processing, and speech recognition.
Study AI applications: Understand how AI is being applied in various domains, such as healthcare, finance, transportation and cybersecurity. This will help you appreciate the real-world impact and potential of AI.
Attend workshops or conferences: Participate in AI workshops, webinars or online courses to learn from experts, network with professionals and stay updated on the latest trends and developments in the field.
Hands-on projects: The best way to solidify your AI knowledge is through hands-on projects. Use open-source libraries and frameworks like TensorFlow, PyTorch or Scikit-learn to build and experiment with AI models and applications.
Stay updated: AI is a rapidly evolving field, so it's essential to stay updated on new developments, research breakthroughs and emerging trends by following industry publications such as ISACA’s “Artificial Intelligence: A Primer on Machine Learning, Deep Learning, and Neural Networks.”
Summon a sense of urgency
Predicting the future can be a perilous endeavor. One certainty is that comprehending the impact of AI on the threat landscape will become increasingly critical for security professionals in the years ahead. If understanding and mastering AI-driven threats and defenses is not already a significant part of your security role, chances are it will become so imminently. Recognizing this reality, security teams must prioritize AI training in their professional development initiatives. Ideally, this push should come from leadership; if not, it falls upon security practitioners to make a compelling case to their supervisors.
Obtaining this knowledge is pivotal to security professionals and their organization’s success, and delaying action not a viable option. The risk of falling behind in this domain is one that security professionals and their organizations cannot afford to take.