In-brief:will computers and artificial intelligence “kill the infosec star” (to paraphrase The Buggles) with algorithms taking the place of workers who buy food, houses, cars and clothing? Maybe not, says Dario Forte of DF Labs in this Security Ledger podcast.
Most of the predictions about the rise of computer-driven automation are bleak – at least for humans. Already, the lion’s share (85%) of manufacturing jobs lost between 2000 and 2010 in the U.S. were lost to automation, not international trade. And that’s just the beginning. In the coming decades, huge swaths of the economy will be transformed by the advent of automation and autonomous machines from Teamsters (autonomous trucking) to super market baggers. The more “routine” a job is, the more likely it is to be automated, studies have found.
Still, the information security industry isn’t exempt. Despite its high-profile and the image of wizard hackers, there is much security work that is routine. And, with an official worker shortage of some 200,000 people in the U.S., investors and companies are plowing money into companies and products that allow a few precious information security workers to do more with less. Automation and machine learning play a big part in that.
At the recent Black Hat Briefings, teams made entirely of computers squared off in the Cyber Grand Challenge to play a game of capture the flag for a $2 million prize.
So will computers and artificial intelligence “kill the infosec star” (to paraphrase The Buggles)? Will those 200,000 positions be “phantom” jobs – destined to be filled by computer programs and algorithms, rather than workers who buy food, houses, cars and clothing?
‘Maybe not,’ says Dario Forte, the CEO of the firm DF Labs, a cyber security firm in Milan, Italy, that specializes in incident response and data breach detection. Forte, who is an incident response specialist, says that more reliance on machine learning and – eventually artificial intelligence might make cyber security workers better, more efficient and happier in their jobs, without obviating the need for them entirely.
Finding information security professionals is difficult, Forte acknowledged. But it is not the biggest challenge that companies face. Rather, retaining those workers is. And why is that? Forte said it’s because so much security work is routine and boring.
“You find and employ an information security worker and then you give them routine and repetitive tasks. If you don’t stimulate them, sooner or later they leave.”
Platforms that leverage machine learning promise to solve that problem by allowing humans to work on problems that are stimulating (i.e. investigating a security breach), while passing the boring and tedious work (i.e. reviewing logged events or warning messages, generating reports) to computers. “It allows the CISO and managers to focus on things that are actually important and automate things that are easier and repetitive,” he said.
Rather than having computers replace humans, Forte sees a future in which computers will turn human workers into “super humans” capable of doing their jobs with much greater efficiency and skill with the help of computer-guided insights.
Listen to our full conversation below in the latest Security Ledger Podcast.