Unlike industries that fear the intrusion of AI, the infosec world is embracing this revolutionary technology, and the seismic changes it will bring to threat detection and mitigation.
I was reminded of a mathematical hypothesis called the singularity when I read Vinod Khosla’s recent interview in the Wall Street Journal and his prediction of massive job displacement and the growth of new industries due to the widespread adoption of artificial intelligence (AI).
The singularity is a point and phase in the future when bio, nano, energy, robotic, and computer technology will develop at such a rate, become so advanced, and have such a profound impact on humanity, that today’s society has no means to understand or describe what life will be like at that time in the future.
It made me wonder how far and fast we are heading in the same explosion of unfathomable change occurring today in information security. Just as IT revolutionized all forms of business in the last half-century, and the Internet in turn revolutionized IT in the last quarter-century, the trajectory we are on now places AI squarely at the next technology inflection point.
The study of history often provides a strong predictor of human societal change. When history unexpectedly veers off course, it is usually due to a substantial technology advancement and the subsequent seismic changes it brings to business and economic systems.
Our perception and use of AI today, also known as machine intelligence, is still in its infancy. New industries are learning by doing, just as we did when the Internet was in its infancy. Looking back, it’s easy to wince and laugh at interviews of experts in the mid-1990s describing the revolutionary nature of email and the world wide web and their dire predictions about the dreaded Y2K.
Their projections were both right and wrong, limited in part by what they understood at the time.
The impact of what the Internet would ultimately deliver to business and, in turn, society, could not have been foreseen.
The Promise of AIAs a new swath of information security technologies deploy their first generation of AI – seeking to solve many of the security and confidentiality issues that have plagued businesses over the last 40 years – we’re already starting to feel their positive impact.
The information security world is now starved for human capital.
There is a global shortage of experienced security workers across the spectrum of skills and specialties.
This is holding back advancement and exposing IT systems and Internet businesses to criminality and ransom.
Unlike industries that fear the intrusion of AI, the information security industry – driven largely by a global shortage of qualified employees – is embracing it.
As networks become more sophisticated, generate more data, and are exposed to increasingly advanced threats, AI and the automation it empowers are the cure.
This first generation of AI-driven security solutions are focused primarily on automatically sifting through data, hunting for threats, and facilitating a human-led remediation plan. When the first generation of security AI masters threat detection, it will be entrusted with preemptive threat mitigation and auto-remediation of known threats.
Our perception of today’s 24×7 security operations center will eventually be replaced with the second generation of AI-led security technology – leaving human operators to focus on business continuity and critical support issues.
However, just as AI is a boon to the defender, so too is it to the attacker.
Defense contractors and governments around the world are already using AI to sift through great lakes of network data and intelligence, and hunt for exploitable weaknesses. Just as fast as armies introduced tanks to warfare, tank-on-tank warfare became a necessity.
AI-on-AI warfare has just begun.
If there’s one thing to be learned from the last century’s technology history, it’s that all the important advances are eventually consumerized.
As such, in the next 25 years, I anticipate that AI defense systems will unleash unimaginable ways to combat cyber threats.
Gunter Ollmann is chief security officer at Vectra. He has nearly 30 years of information security experience in an array of cyber security consulting and research roles.
Before joining Vectra, Günter was CTO of Domain Services at NCC Group, where he drove strategy …
View Full Bio