Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operational Security //

AI

5/1/2018
09:35 AM
Jeffrey Burt
Jeffrey Burt
Jeffrey Burt
50%
50%

AI: Not the Cure-All for IT Security Skill Shortage

A new report by DomainTools and the Ponemon Institute finds that while automation will replace low-level security tasks, it will only increase the demand for highly skilled pros.

Business leaders who believe artificial intelligence and machine learning will help alleviate what is soon expected to be a 1 million-plus shortfall in skilled security pros may want to rethink that idea.

Cybersecurity has quickly become a top use case for the rapidly expanding AI field, both for its capabilities to help businesses protect themselves from the growing number of increasingly sophisticated attacks and breaches as well as enabling companies to automate some of the cybersecurity jobs and mitigate what's widely expected to be a large shortfall of skilled IT security workers. ISC(2) is predicting that by 2022, the shortfall globally will reach 1.8 million workers.

At the same time, businesses are embracing AI and machine learning for their cybersecurity efforts.

By 2020, 60% of the Global 2000 businesses will use AI-based security, according to IDC analysts, and a MarketsandMarkets report is predicting that spending on AI security will reach $34.8 billion by 2025, a 31.4% increase over spending in 2017. And despite the rising need for skilled IT security professionals, AI will replace some of the security jobs now being done by humans, including security analysis, intrusion detection and vulnerability assessment. (See AI Is Stealing These IT Security Jobs Now.)

But while automation that will come with AI and machine learning will replace some of those lower-skill security tasks like 24/7 monitoring and threat hunting, it actually will increase the shortage of skilled IT security personnel, according to a report by security platform vendor DomainTools and the Ponemon Institute. Automation may replace those tasks, but that will only increase the need for workers with more advanced skills, according to the report, "Staffing the IT Security Function in the Age of Automation," in which more than 600 IT and IT security professionals were surveyed.

Security skills in an age of automation
"While the majority of respondents believe that automation will improve the IT security staff's ability to do their jobs, it's because it will replace tasks like log analysis," Tim Helming, director of product management at DomainTools, wrote in an email to Security Now. "This leaves more time for the advanced staff to tackle more serious vulnerabilities and overall network security. More than three quarters of the respondents say that the use of automation in cybersecurity will not lessen the need for skilled IT security personnel. The fact is, no matter how sophisticated automation technology becomes, it will never replace human intuition and hands-on experience."

The data in the study indicated that highly-skilled IT security people are in short supply, Helming wrote. As humans are called upon to do even more advanced IT jobs, there will be more pressure on businesses to find people with such skills. Seventy-five percent of respondents said their InfoSec staffs are not only understaffed, but they are having difficulties finding qualified candidates to fill those jobs. In addition, 76% report that the use of tools and services leveraging AI and machine learning will only increase the problem by heightening the demand for more high-skilled people.

Only 23% report that automation will mean a reduction in their IT security staff. Forty-four percent said the use of automation tools will increase their need to higher people with greater technical skills.

The predicted increase in the shortage of IT security people has been talked about for several years, and now there is a growing concern that the increasing use of AI technologies for cybersecurity programs and IT in general will lead quickly to a shortage of AI skills. Hyperscale cloud providers like Google, Microsoft and Amazon Web Services also are cranking up their AI and machine learning capabilities, including in the area of security. (See Cybersecurity AI: Addressing the 'Artificial' Talent Shortage .)

According to the results from the new survey, which was released May 1, 41% of respondents said their inability to find the skilled people to staff their security programs has led to an increase in the investment of automation tools. Still, only 26% said they currently use such tools for cybersecurity, and 15% said AI is a trusted security tool in their companies.


The fundamentals of network security are being redefined -- don't get left in the dark by a DDoS attack! Join us in Austin from May 14-16 at the fifth-annual Big Communications Event. There's still time to register and communications service providers get in free!

New skills
However, while many companies expect automation will increase the need to higher more people, most say such tools will improve their staffs' ability to do their job. Sixty-eight percent of respondents report that their IT security personnel will be able to focus on more serious threats and overall network security, while many of the jobs that AI will automate are time-intensive that are mission-critical but not a good use of staff time.

In addition, 36% said automation will reduce human error.

The key for companies in this time of automation -- where AI and machine learning will replace some tasks but lead to a greater demand for higher skilled workers -- is to find ways to attract and retain talent in a tight market, according to DomainTool's Helming. The study's authors noted that offering better compensation and a career path are keys to getting and keeping talent. The survey found that only 24% of respondents said their companies see IT security as a career path and 39% said their organizations' compensation packages are enough to attract top people.

A little over half -- 52% -- typically promote from within.

Given the "dichotomy" of more automation leading to the need to hire more people, "we are advocates of on-the-job training and continuous education," Helming said.

Companies also said IT professionals need a combination of technical skills as well as "soft skills" -- such as a good work ethic, creative problem solving, dependability and being a team player.

Related posts:

— Jeffrey Burt is a long-time tech journalist whose work has appeared in such publications as eWEEK, The Next Platform and Channelnomics.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/6/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Another COVID-19 Side Effect: Rising Nation-State Cyber Activity
Stephen Ward, VP, ThreatConnect,  7/1/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15600
PUBLISHED: 2020-07-07
An issue was discovered in CMSUno before 1.6.1. uno.php allows CSRF to change the admin password.
CVE-2020-15599
PUBLISHED: 2020-07-07
Victor CMS through 2019-02-28 allows XSS via the register.php user_firstname or user_lastname field.
CVE-2020-8916
PUBLISHED: 2020-07-07
A memory leak in Openthread's wpantund versions up to commit 0e5d1601febb869f583e944785e5685c6c747be7, when used in an environment where wpanctl is directly interfacing with the control driver (eg: debug environments) can allow an attacker to crash the service (DoS). We recommend updating, or to res...
CVE-2020-12821
PUBLISHED: 2020-07-07
Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack.
CVE-2020-15008
PUBLISHED: 2020-07-07
A SQLi exists in the probe code of all Connectwise Automate versions before 2020.7 or 2019.12. A SQL Injection in the probe implementation to save data to a custom table exists due to inadequate server side validation. As the code creates dynamic SQL for the insert statement and utilizes the user su...