Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operational Security //

AI

5/1/2018
09:35 AM
Jeffrey Burt
Jeffrey Burt
Jeffrey Burt
50%
50%

AI: Not the Cure-All for IT Security Skill Shortage

A new report by DomainTools and the Ponemon Institute finds that while automation will replace low-level security tasks, it will only increase the demand for highly skilled pros.

Business leaders who believe artificial intelligence and machine learning will help alleviate what is soon expected to be a 1 million-plus shortfall in skilled security pros may want to rethink that idea.

Cybersecurity has quickly become a top use case for the rapidly expanding AI field, both for its capabilities to help businesses protect themselves from the growing number of increasingly sophisticated attacks and breaches as well as enabling companies to automate some of the cybersecurity jobs and mitigate what's widely expected to be a large shortfall of skilled IT security workers. ISC(2) is predicting that by 2022, the shortfall globally will reach 1.8 million workers.

At the same time, businesses are embracing AI and machine learning for their cybersecurity efforts.

By 2020, 60% of the Global 2000 businesses will use AI-based security, according to IDC analysts, and a MarketsandMarkets report is predicting that spending on AI security will reach $34.8 billion by 2025, a 31.4% increase over spending in 2017. And despite the rising need for skilled IT security professionals, AI will replace some of the security jobs now being done by humans, including security analysis, intrusion detection and vulnerability assessment. (See AI Is Stealing These IT Security Jobs Now.)

But while automation that will come with AI and machine learning will replace some of those lower-skill security tasks like 24/7 monitoring and threat hunting, it actually will increase the shortage of skilled IT security personnel, according to a report by security platform vendor DomainTools and the Ponemon Institute. Automation may replace those tasks, but that will only increase the need for workers with more advanced skills, according to the report, "Staffing the IT Security Function in the Age of Automation," in which more than 600 IT and IT security professionals were surveyed.

Security skills in an age of automation
"While the majority of respondents believe that automation will improve the IT security staff's ability to do their jobs, it's because it will replace tasks like log analysis," Tim Helming, director of product management at DomainTools, wrote in an email to Security Now. "This leaves more time for the advanced staff to tackle more serious vulnerabilities and overall network security. More than three quarters of the respondents say that the use of automation in cybersecurity will not lessen the need for skilled IT security personnel. The fact is, no matter how sophisticated automation technology becomes, it will never replace human intuition and hands-on experience."

The data in the study indicated that highly-skilled IT security people are in short supply, Helming wrote. As humans are called upon to do even more advanced IT jobs, there will be more pressure on businesses to find people with such skills. Seventy-five percent of respondents said their InfoSec staffs are not only understaffed, but they are having difficulties finding qualified candidates to fill those jobs. In addition, 76% report that the use of tools and services leveraging AI and machine learning will only increase the problem by heightening the demand for more high-skilled people.

Only 23% report that automation will mean a reduction in their IT security staff. Forty-four percent said the use of automation tools will increase their need to higher people with greater technical skills.

The predicted increase in the shortage of IT security people has been talked about for several years, and now there is a growing concern that the increasing use of AI technologies for cybersecurity programs and IT in general will lead quickly to a shortage of AI skills. Hyperscale cloud providers like Google, Microsoft and Amazon Web Services also are cranking up their AI and machine learning capabilities, including in the area of security. (See Cybersecurity AI: Addressing the 'Artificial' Talent Shortage .)

According to the results from the new survey, which was released May 1, 41% of respondents said their inability to find the skilled people to staff their security programs has led to an increase in the investment of automation tools. Still, only 26% said they currently use such tools for cybersecurity, and 15% said AI is a trusted security tool in their companies.


The fundamentals of network security are being redefined -- don't get left in the dark by a DDoS attack! Join us in Austin from May 14-16 at the fifth-annual Big Communications Event. There's still time to register and communications service providers get in free!

New skills
However, while many companies expect automation will increase the need to higher more people, most say such tools will improve their staffs' ability to do their job. Sixty-eight percent of respondents report that their IT security personnel will be able to focus on more serious threats and overall network security, while many of the jobs that AI will automate are time-intensive that are mission-critical but not a good use of staff time.

In addition, 36% said automation will reduce human error.

The key for companies in this time of automation -- where AI and machine learning will replace some tasks but lead to a greater demand for higher skilled workers -- is to find ways to attract and retain talent in a tight market, according to DomainTool's Helming. The study's authors noted that offering better compensation and a career path are keys to getting and keeping talent. The survey found that only 24% of respondents said their companies see IT security as a career path and 39% said their organizations' compensation packages are enough to attract top people.

A little over half -- 52% -- typically promote from within.

Given the "dichotomy" of more automation leading to the need to hire more people, "we are advocates of on-the-job training and continuous education," Helming said.

Companies also said IT professionals need a combination of technical skills as well as "soft skills" -- such as a good work ethic, creative problem solving, dependability and being a team player.

Related posts:

— Jeffrey Burt is a long-time tech journalist whose work has appeared in such publications as eWEEK, The Next Platform and Channelnomics.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/17/2020
Cybersecurity Bounces Back, but Talent Still Absent
Simone Petrella, Chief Executive Officer, CyberVista,  9/16/2020
Meet the Computer Scientist Who Helped Push for Paper Ballots
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/16/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8225
PUBLISHED: 2020-09-18
A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away information about used proxies and their authentication credentials.
CVE-2020-8237
PUBLISHED: 2020-09-18
Prototype pollution in json-bigint npm package < 1.0.0 may lead to a denial-of-service (DoS) attack.
CVE-2020-8245
PUBLISHED: 2020-09-18
Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11....
CVE-2020-8246
PUBLISHED: 2020-09-18
Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-W...
CVE-2020-8247
PUBLISHED: 2020-09-18
Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-W...