sb-nz logo
Story image

Using AI to address the cybersecurity skill shortage

14 Aug 2018

Article by IBM New Zealand security practice leader John Martin

Humans are the weak link when it comes to cybersecurity - over 90% of security incidents are attributable to human error.

This is when people do things like click on a bad link, open an attachment which is laden with malware or fail to change default passwords.

However, humans are also our greatest strength when defending ourselves from cybercrime.

Security analysts monitor processes and activity, research and respond to incidents, perform testing and proactively manage organisational threats.

It’s a role that taps into some uniquely human characteristics, including investigative curiosity, a passion for problem-solving, strong ethics and an understanding of risks.

The problem is that there is an expected shortage of over 1.8 million security professionals worldwide over the next few years.

Couple that with the fact that cybercrime costs the global economy US$600 billion each year and we have a perfect storm brewing.

While cybercriminals hone their craft, the businesses defending against them literally have empty seats at the other end of the wire.

This skills shortage is pushing many organisations to consider managed security service offerings rather than trying to compete for that talent and grow the capabilities in-house.

The centralisation of security resources in these security operations centres (SOCs) also enables greater collaboration and sharing of information on threats and how to stop them.

IBM’s command centres now manage over 20 billion events per day, with more than 3,700 clients worldwide in 133 countries.

It’s managing that growth by augmenting human expertise in SOCs with Artificial Intelligence (AI).

At a consumer level, AI can help spot phishing websites and filter spam.  

At an organisational level, AI can support teams of security analysts poring over an estimated 200,000 security incidents per year.

The AI system can look for threats to the business and alert the humans to investigate or respond when anomalies occur.

The rise of the new collar job

There has been plenty of debate on the role AI will play in our future.

Some point to the technology as a job killer, but in the world of cybersecurity, AI could actually be a job multiplier and create opportunities for “new collar” positions.

A new collar job is a job that prioritises skills, knowledge and willingness to learn over a university accreditation.

That means an employee doesn’t necessarily need a four-year degree in computer science to make a difference in an SOC.

IBM is not alone in this line of thinking; last year hundreds of New Zealand companies endorsed an open letter from the Strategic Insights Panel committing to removing tertiary qualification requirements from the skilled job openings in their workplaces.

People with the right skills and aptitudes can be taught the necessary technical skills on the job, in community college classrooms, and through modern vocational and skills education programs.

IBM created a new education model in the US called Pathways in Technology, or P-TECH, as one way to train these new collar workers for a job in cybersecurity.

Accelerating growth with AI 

Launched in 2011, P-TECH provides public high school students aged 14 to 19 with a clear path to post-graduate opportunities in fields aligned with the skills employers are looking for. They combine the best of high school, community college, hands-on-skills training and professional mentoring.

There are now nearly 100 P-TECH schools around the world, including ten in Australia, and IBM is exploring opportunities to introduce the programme in New Zealand.

Once these P-TECH graduates enter the workforce, AI helps them get a fast start.

For example, junior analysts now have the ability to investigate a new malware infecting mobile phones of employees, as the AI system helps to augment the analyst’s daily activities like an assistant.

It would quickly research the new malware impacting the phones, identify the characteristics reported by others and provide a recommended remediation.

With the threat landscape rapidly changing rapidly and the sophistication and numbers of threat variants becoming more complex, traditional approaches are falling short.​

IBM sees AI as the clear path forward and is investing in AI to help organisations defend themselves and cope with these challenges.

Story image
BlueVoyant acquires Managed Sentinel, builds out Microsoft MSS offerings
“Combining Managed Sentinel’s Azure Sentinel deployment expertise with BlueVoyant’s MDR capabilities will help customers operationalise and maximise Microsoft security technologies."More
Story image
Zoom to begin rolling out end-to-end encryption
Available starting from next week, it represents the first phase out of four of the company’s greater E2EE offering, which was announced in May following backlash that the company was lax on its security and privacy.More
Link image
How to head off a rise in DDoS attacks
Many businesses invest in costly DDoS mitigation and protection solutions, but few test them. NCC Group tests all environments and is one of only two AWS DDoS Test Partners. Claim 10% off your next DDoS service today.More
Story image
New project development inhibited by cybersecurity, Kaspersky research states
"There are still some practical steps that can be taken to make sure that an emerging technology or a product reaches its launch. Cybersecurity doesn’t have to be another corporate barrier, but it should be on an integral part of the project all long."More
Story image
IBM Security completes industry first with updates to Cloud Pak for Security solution
"With these updates, we will be the first in the industry to bring together external threat intelligence and threat management alongside data security and identity."More
Story image
Report reveals relationship between boardroom and cybersecurity investments
“While boards are definitely listening and stepping up with increased budget for cybersecurity, they tend to view any investment as a cost rather than adding business value."More