Artificial Intelligence (AI) and Large Language Models (LLMs) burst onto the scene in resounding fashion, and though the technology that powers them has made leaps and bounds, their implementations remain sort of... Awkward. Practically useful for some things, theoretically useful for others, and sometimes, unfortunately, useless. But with immense financial backing, the AI industry is still seeking to fill in the gaps and provide an automated solution for any conceivable need.

One such area is in the field of cybersecurity. AI is being explored as a defensive tool that might protect government institutions and businesses from attacks carried out by criminals and state actors. 

Two such use cases for the employment of AI in cybersecurity are already in active development by Google. They have been transparent about the use of AI in subsidiary Mandiant's daily operations, including in live security analysis. In April 2024, Google published a blog where LLMs are described as being used to monitor vulnerability alerts, as well as bolstering search power and communication of their teams. Another use is in malware analysis. This defensive technique is typically used to reverse engineer malware samples in order to find ways to remove the malware from a device, which might include file recovery through decryption or the de-escalation of admin privileges.

But these serve only as two tools in what Google hopes will be a complete defensive toolbox. Outlined in a whitepaper, their strategy is to design a "semi-autonomous security" platform which will automate the majority of security tasks, and this may set the tone for technological direction in the rest of the security industry. Tasks such as fraud detection, endpoint management, and even customer service and communication, all currently undertaken by security professionals, could in theory be off-loaded to specialised automated "agents," which are individual instances of automated AI.

Is it ready?

A survey conducted my McKinsey has found that the adoption of AI among businesses has soared to 74%, yet it appears that only 9% of cybersecurity professionals would describe AI as being "very effective," and only 28% as "moderately effective." According to a recent survey published by Dark Reading in "The State of Artificial Intelligence and Machine Learning in Cybersecurity", it seems that the consensus among industry professionals then is that the implementations of AI in a security setting is not quite up to scratch - yet.

Despite the above statistic, 44% of individuals surveyed stated that they are already planning to implement AI for security purposes - possibly not counting those who already have. This can be interpreted as a general sense of optimism in the industry about the efficacy of AI implementations.

It seems unlikely that the adoption of AI would lead to a loss of jobs in the security sector, as the majority of cybersecurity professionals are already overburdened with work. 46% of former cybersecurity staff who left their jobs cited high stress as the reason, while other causes of loss of employment include layoffs and budget cuts. Automated tools provided by LLMs are seen as a way of reducing operational cost whilst also easing the workload on security analysts. One example of this is where a junior member of staff would ordinarily need to seek the help of a more senior member of staff, they may already be dealing with a stressful and complex workload. The junior analyst could seek assistance from an AI agent instead, simplifying the process for all parties.

So, what does this mean for future security professionals? It means that their jobs are secure, and that work will be made easier, but there is no doubt that they had best become comfortable with the increasing use of AI for their work tasks.

Sources

https://www.mckinsey.com/featured-insights/sustainable-inclusive-growth/charts/gen-ai-casts-a-wider-net

https://www.darkreading.com/cybersecurity-operations/hiring-gap-not-talent-gap

https://cloud.google.com/blog/products/identity-security/make-google-part-of-your-security-team-supercharged-by-ai-next24

https://cloud.google.com/blog/topics/threat-intelligence/gemini-for-malware-analysis

https://www.darkreading.com/vulnerabilities-threats/llms-raise-efficiency-productivity-of-cybersecurity-teams

The information contained in this article is provided for informational purposes only and does not constitute professional advice and is not guaranteed to be accurate, complete, reliable, current or error-free.