Security leaders live under the constant pressure of evolving and evolving threats, technology trends, and business needs. Many of us have had to play a difficult game of catch when we failed to ‘ride the wave’ of a move and didn’t have the right talent team ready. If it hasn’t happened to you yet, congratulations, live long in this industry, and it will happen. Of course, security leaders are now concerned with AI readiness strategy – yes, as a business technology, but also with the unique impact it will have on different cybersecurity sectors/tools over time.
Whether you’re in the camp of being impressed by the current iteration of AI or scornful of its ideals, there seems little doubt that there will be further and significant disruption. It’s easy to imagine the impact on SOCs, or forensics, chasing information on incidents, and so on. I also believe that the value of attack outweighs defense, but this will balance out over time.
Wild tech issues like AI always attract an army of marketers, evangelists, and experts who claim to have a crystal ball. Their suggested futures can be exciting and help to plan where technology will go, but none of them are usually sure enough to build a plan. So, what kinds of things are leaders doing now to prepare for AI in cyber security?
- Security teams are always running at 100% or even 105%. You should consider your strategy to build capacity for AI projects, especially if you want to quickly follow developments – testing AI security technologies, building custom tools, or responding to business needs. Build bandwidth now.
- Technology adaptation programs are required. Many are embedding AI tools in their daily work anyway (in some ways it’s good, in some ways it requires policy and operational intervention!) but that doesn’t mean that the teams you expect to jump into a future project are there and may be very busy. . You need to create a good excuse to get involved.
- Embed a few deep experts. Most see the friendly side of AI: chat-like interfaces that make it easy to ask questions. Behind this technology are machine learning and statistical methods. AI probably doesn’t have one big use case but it spawns many tools and processes, which means your team needs to prioritize and separate the wheat from the chaff. Understanding the mechanisms behind these tools helps evaluate them and understand their best use for your organization. At SANS, we’ve noticed many security leaders enroll their level 3 people in our classes, such as SEC595, so they know more than just the average person; understanding the power behind AI technology and how to put it forward.
- It’s interesting that (I’ve seen this in many large organizations) with many hot trends people are ‘waiting for it to happen’ to them. “I’ll wait for the AI to improve and find out later”. You can motivate your team to get involved now with webinars, conferences, hackathons, and more.
Building your teams bandwidth, and skills and making sure that people are participating with their peers to hear about the latest usage trends often yields the best results for jumping on the wave when a trend starts to matter in its impact.
At SANS Network Security 2024, coming this September in Las Vegas, NV, your team will have the opportunity to participate in those AI use case discussions with industry experts from around the world and take their learning from theory to practice. Read more here.
Source link