Will AI replace security teams?

2025-03-28
Will AI replace security teams? White Blue Ocean Blog

Artificial Intelligence (AI) and Large Language Models (LLMs) burst onto the scene in resounding fashion, and though the technology that powers them has made leaps and bounds, their implementations remain sort of... awkward. Practically useful for some things, theoretically useful for others, and sometimes, unfortunately, useless. But with immense financial backing, the AI industry is still seeking to fill in the gaps and provide an automated solution for any conceivable need.

One such area is in the field of cybersecurity. AI is being explored as a defensive tool that might protect government institutions and businesses from attacks carried out by criminals and state actors. 

Two such use cases for the employment of AI in cybersecurity are already in active development by Google. They have been transparent about the use of AI in subsidiary Mandiant's daily operations, including in live security analysis. In April 2024, Google published a blog post in which LLMs are described as being used to monitor vulnerability alerts, as well as to bolster the search power and communication of their teams. Another use is in malware analysis. This defensive technique is typically used to reverse engineer malware samples in order to find ways to remove the malware from a device, which might include file recovery through decryption or the de-escalation of admin privileges.

But these serve only as two tools in what Google hopes will be a complete defensive toolbox. Outlined in a whitepaper, their strategy is to design a "semi-autonomous security" platform which will automate the majority of security tasks, and this may set the tone for technological direction in the rest of the security industry. Tasks such as fraud detection, endpoint management, and even customer service and communication, all currently undertaken by security professionals, could in theory be off-loaded to specialised automated "agents," which are individual instances of automated AI.

Is it ready?

A survey conducted by McKinsey has found that the adoption of AI among businesses has soared to 74%, yet it appears that only 9% of cybersecurity professionals would describe AI as being "very effective," and only 28% as "moderately effective." According to a recent survey published by Dark Reading in "The State of Artificial Intelligence and Machine Learning in Cybersecurity", it seems that the consensus among industry professionals is that the implementation of AI in a security setting is not quite up to scratch - yet.

Despite the above statistic, 44% of individuals surveyed stated that they are already planning to implement AI for security purposes - possibly not counting those who already have. This can be interpreted as a general sense of optimism in the industry about the efficacy of AI implementations.

It seems unlikely that the adoption of AI would lead to a loss of jobs in the security sector, as the majority of cybersecurity professionals are already overburdened with work. 46% of former cybersecurity staff who left their jobs cited high stress as the reason, while other causes of loss of employment include layoffs and budget cuts. Automated tools provided by LLMs are seen as a way of reducing operational cost whilst also easing the workload on security analysts. One example of this is where a junior member of staff would ordinarily need to seek the help of a more senior member of staff, who may already be dealing with a stressful and complex workload. The junior analyst could seek assistance from an AI agent instead, simplifying the process for all parties.

So, what does this mean for future security professionals? It means that their jobs are secure, and that work will be made easier, but there is no doubt that they had best become comfortable with the increasing use of AI for their work tasks.

Sources

https://www.mckinsey.com/featured-insights/sustainable-inclusive-growth/charts/gen-ai-casts-a-wider-net

https://www.darkreading.com/cybersecurity-operations/hiring-gap-not-talent-gap

https://cloud.google.com/blog/products/identity-security/make-google-part-of-your-security-team-supercharged-by-ai-next24

https://cloud.google.com/blog/topics/threat-intelligence/gemini-for-malware-analysis

https://www.darkreading.com/vulnerabilities-threats/llms-raise-efficiency-productivity-of-cybersecurity-teams

 
