Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operational Security

10/2/2017
08:00 PM
Curtis Franklin
Curtis Franklin
Curt Franklin
50%
50%

Gartner Analysts See AI Augmenting Security

Gartner analysts don't think AI will replace humans in security; instead it will be a critical piece of a better security infrastructure.

ORLANDO -- Gartner Symposium ITXpo -- For many years, the honor of first keynote at Gartner Symposium ITXpo has gone to Peter Sondergaard, VP of research at the consulting giant. On Monday morning, he stood on stage and introduced the concepts that will be driving conversations here for the next four days -- and away from Orlando, for at least the next year.

Sondergaard touched on a number of topics during his address, and my colleague Scott Ferguson has a roundup of the cloud side of the speech in an article on Enterprise Cloud News. I want to focus on one part of his speech -- the part dealing with security and professional skills.

Let's start with some bad news: You probably don't have as many skilled security professionals as you'd like to have. Experienced security pros are in short supply across the IT industry. Now we'll continue with some news that's even worse: The odds seem pretty good that you'll never catch up with your security skills shortage. The rate of growth and change in the security industry are such that the supply is unlikely to ever catch up to demand.

According to Sondergaard, it's not all bad news, though. In his opinion, enterprise IT shops are going to be saved -- by artificial intelligence.

Before you roll your eyes too hard, take a moment to consider what Sondergaard means when he talks about AI in this context. While he admits that AI will almost certainly take some jobs from humans, Sondergaard says that he believes AI will be a net job creator. And part of that job creation function will be the extent to which AI augmenting human capabilities allows humans to do more for more organizations.

There are a lot of people working on AI-augmented security and some who believe that AI will become a requirement as a front-line technology just to keep up with the increasingly powerful and sophisticated threats from hackers. The question, really, is whether AI will become the basis of security, or a tool to help human analysts in the fight for more secure systems.


You're invited to attend Light Reading's 11th annual Future of Cable Business Services event. Join us in New York on November 30 for the premier independent conference focusing on the cable industry's continuing efforts in the commercial services market – all cable operators and other communications service providers get in free. 

In the view of Gartner analysts, AI is most effective when it's used to augment human intelligence, not replace human effort. Whether that augmentation takes the form of rapidly sorting through vast volumes of data that's only mildly interesting, making correlations that involve more variables than humans could consider in real time, suggesting courses of actions to human engineers when presenting threat data or a combination of all three, using AI as a tool is the course of action that makes the most sense to Gartner.

The skills shortage (and AI's role in alleviating the pain) is far from the only thing that Gartner analysts have to say about security. There's more to come from Gartner Symposium ITXpo. In the meantime, what do you think about AI and security? Should we turn our defenses over to artificial intelligence or is AI best seen as a tool to help make human security specialists better? The comment section awaits -- let us know!

Related posts:

— Curtis Franklin is the editor of SecurityNow.com. Follow him on Twitter @kg4gwa.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/10/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-16275
PUBLISHED: 2020-08-10
A cross-site scripting (XSS) vulnerability in the Credential Manager component in SAINT Security Suite 8.0 through 9.8.20 could allow arbitrary script to run in the context of a logged-in user when the user clicks on a specially crafted link.
CVE-2020-16276
PUBLISHED: 2020-08-10
An SQL injection vulnerability in the Assets component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database.
CVE-2020-16277
PUBLISHED: 2020-08-10
An SQL injection vulnerability in the Analytics component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database.
CVE-2020-16278
PUBLISHED: 2020-08-10
A cross-site scripting (XSS) vulnerability in the Permissions component in SAINT Security Suite 8.0 through 9.8.20 could allow arbitrary script to run in the context of a logged-in user when the user clicks on a specially crafted link.
CVE-2020-15139
PUBLISHED: 2020-08-10
In MyBB before version 1.8.24, the custom MyCode (BBCode) for the visual editor doesn't escape input properly when rendering HTML, resulting in a DOM-based XSS vulnerability. The weakness can be exploited by pointing a victim to a page where the visual editor is active (e.g. as a post or Private Mes...