After decades of viewing AI as science fiction, the release of ChatGPT in late 2022 has revolutionized the computing field. With ChatGPT now accompanied by Google Bard (renamed Gemini), Microsoft Copilot, and Claude, large language models (LLMs) are dominating the market, performing tasks previously reserved for humans.

In cybersecurity, organizations are rapidly adopting these technologies to enhance efficiency and reduce costs. But what impact is AI having on the cybersecurity profession?

Leveraging AI for Cybersecurity Tasks

The rapid advancement of AI and Machine Learning (ML) technologies, especially generative AI, allows for new capabilities in IT security. AI enhances threat detection, log data summarization, and compliance report generation. For example, AI can analyze network traffic to spot potential cyberattacks and sift through millions of logs to identify security incidents and ensure regulatory compliance.

However, cybercriminals are also exploiting AI to create convincing phishing schemes, sophisticated malware, and automate various cybercrime activities. AI-generated spear-phishing emails and deepfake content are examples of these malicious uses.

How AI is Reshaping Cybersecurity

1. Automating Routine Tasks: AI can handle repetitive tasks such as threat detection and monitoring of security tools, reducing the need for junior analysts to perform manual reviews.

2. Improving Threat Detection: AI-powered User and Entity Behavior Analytics (UEBA) can identify anomalies and potential threats more effectively than human analysts, including monitoring for regulatory compliance.

3. Predictive Security: AI can predict and identify vulnerabilities before they are exploited, opening new opportunities for cybersecurity professionals to collaborate with data scientists.

4. Enhancing Penetration Testing: AI can perform repetitive tasks and adapt to new scenarios during penetration testing, making the process more efficient and thorough.

5. Automating Incident Response: AI tools provide 24/7 monitoring, faster data processing, automatic threat detection, and response actions, allowing human professionals to focus on complex issues and develop AI skills.

Why AI Can’t Fully Replace Human Cybersecurity Professionals

1. Context Understanding: Humans understand context and industry-specific threats better than AI, which may miss relevant patterns or context-specific threats.

2. Creative Thinking: AI excels in repetitive tasks but lacks human creativity needed for solving complex incidents.

3. Ethical Considerations: Decisions involving legal and ethical implications, such as notifying law enforcement after a breach, require human judgment.

4. Adaptability: While AI can detect known threats, humans adapt quickly to new attack methods and evolving threats.

5. Emotional Understanding: Human expertise is essential for interactions with management and stakeholders, areas where AI currently lacks emotional intelligence.

6. Strategic Thinking: Long-term strategic planning to safeguard digital assets relies on human expertise and collaboration.

7. Accountability: Businesses need human accountability for protecting sensitive information, especially in regulated sectors like finance and healthcare.