Three ways AI can fix the security industry’s skills shortage

The cybersecurity industry is in the midst of a skills crisis. With a cyberattack occurring approximately every 39 seconds, every business needs a well-trained staff to protect it. And there aren’t enough experts to go around. A recent survey shows that 70% of organizations believe the skills shortage has impacted them, and 45% think it has gotten worse over the years. Another global study predicted a terrifying shortage of 1.8 million security workers by 2022.

Why the gap? Several reasons are to blame, but it starts with a lack of training. Basic IT training doesn’t cover enough about security, leaving most individuals unequipped to respond to or detect security threats without a comprehensive education. The National Security Agency (NSA) has put a lot of effort into creating cybersecurity programs across several universities. However, less than half (42%) of the country’s top 50 computer science programs include security courses for undergraduates.

And since talent is in such high demand, those trained are offered top dollar by businesses and can pick and choose where they want to work. Not every company can afford to pay top dollar either, so they often lose out to a higher bidder. Organizations get caught between a rock and a hard place.

With such a bleak future, how can the void be filled? Artificial intelligence (AI). It’s one of the best hopes for the industry and has the potential to ease the pressures of the security skills shortage.

Three ways AI can fill the skills gap:

Take over routine and repetitive tasks. AI thrives in environments where there are a lot of mundane tasks. Many IT security operations fit this description. They are time-consuming and costly and take teams hours, days, weeks, or more to accomplish. AI can eliminate a lot of the monotonous work and reduce the load, so fewer experts are needed.
Hunt threats. Traditionally very time-consuming and expensive, threat hunting typically relies on manual tracking to identify risks waiting in the wings of a business’ network. Automating this job using AI, especially when integrated with behavioral analysis, can shorten the time it takes from recognizing the threat and then doing something about it.
Automate incident responses. Manually identifying and responding to incidents is difficult and time-consuming. AI helps detect attacks - both novel and familiar ones. The technology handles responses without any human interaction and helps the system learn to predict where issues may occur before they even happen.

AI’s ability to analyze large amounts of data and do it at scale can significantly relieve some of the pressure on internal cybersecurity teams, especially as many are understaffed and under threat as they battle risks daily. But let’s be clear: AI is not a replacement for cybersecurity experts. Human oversight of AI is essential to meet privacy and ethical standards. As AI starts to predict and take actions against users that appear to be threats, human management needs to ensure that it’s not making decisions that break trust and overstep. In addition, the people behind the technology need to oversee the data and determine what is good and what is flawed data. Bad data can lead to bad decisions and outcomes, so it’s essential that teams train AI systems to use the correct data.

The industry’s skills shortage is a real issue anticipated to get bigger. If companies can use AI as a stopgap to help relieve the pressure and streamline smaller, repetitive, mundane tasks, it can make a big difference to the staffing model.

Using AI does require experts who can step in and figure out the best use cases and keep the company compliant with data and privacy regulations. However, organizations can outsource some of this to teams with exceptional knowledge who can provide value without straining existing resources. The last thing you want to do is address a skills gap by putting more pressure on your people. This model gives employees space to focus on the things of imminent importance – stopping attackers in their tracks.

Mark Herridge joined Calligo in August 2013 and is the company’s Chief Information Security Officer. He is responsible for driving the information security strategy whilst protecting the business from security threats and ensuring operational compliance to the ISO and SOC standards. He has over 20 years of experience working in information technology in various security, operations, and project management roles. He has significant experience in managing outsourced services, strategy development, infrastructure consolidation, disaster recovery, and leading businesses through transformational change.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.

ON DEMAND: Apple Mac computer use is growing in the corporate space. Having the solutions and the knowledge base to respond to events that include Mac computers is just as important as their Windows counterparts.