Is Generative AI the Solution to the Cybersecurity Skills Gap?

by Koh Ssu Han, Solutions Engineering Director, ASEAN, CyberArk

Cybersecurity is a victim of its success. As more products and services get digitalised, the demand for cybersecurity workers to protect the safety of digital domains has exceeded supply.

Last year, ISC2 estimated a shortage of 3,961 cybersecurity workers in Singapore. The global shortage of cybersecurity workers widened by 12.6% to 4.0 million, with the fast-growing Asia Pacific region alone accounting for 23.4% – a shortage of 2.67 million cybersecurity workers. This is also true for identity security, where there aren’t enough skilled professionals to manage the ever-growing number of identities in the enterprise.

Leveraging Generative AI and Machine Learning

However, the shortage of specialised expertise in critical areas like cloud security and Zero Trust should not be allowed to constrain security teams. Thanks to Generative artificial intelligence (AI) and machine learning (ML), there is immense potential to bolster identity security, particularly in policy optimisation, risk reduction, and threat detection.

Endpoint security, for example, would traditionally see experienced professionals spend hours sifting through alerts and creating policies in response. These policies would need to be tested manually before they could be enforced. Now, though, AI can make this arduous process significantly easier by delivering prescriptive policy recommendations and allowing organisations to confidently set policies, reducing or removing the need for expensive senior analysts’ involvement. This means senior analysts can focus on more pressing tasks. Although testing outcomes before proceeding to production remains critical, AI here clearly facilitates the overall efficiency of this process.

In the meantime, ML algorithms equip security operations centres (SOCs) to be more nimble in the face of ever more sophisticated threats. Their ability to analyse large amounts of identity-centric threat data in real-time and integrate it with security orchestration, automation and response (SOAR) systems considerably optimise response workflows. This helps to reduce risk to organisations through shorter mean time to detection (MTTD) and mean time to response (MTTR) by reducing the workload on SOC analysts.

The benefits of AI and ML also extend to better identification and understanding of patterns and trends for more informed decision-making, reducing human errors and incidents. For instance, through AI-based user behavioural analytics (UBA) tools, organisations can go over large datasets to spot signs of risky user activities and anomalies, something that may be beyond human capabilities because of the large datasets involved. This allows organisations the agility to quickly investigate and address potential issues before they escalate.

Proactive organisations can also leverage these insights in their educational programmes to inform users outside of IT about behaviours to avoid, turning these insights to help improve security awareness within their organisations.

Ensuring Alignment

When adopting new tools into your digital architecture, ensuring they correlate with processes, systems, and policies is critical. Especially since the average enterprise IT environment today is complex. Here’s where the human element comes in. Though AI and ML can mitigate the skills shortage, it is not a silver bullet. Instead, it should be viewed for what it is; an extraordinary foil to cybersecurity’s key element – people.

That rests on contextualising AI and ML tools to specific use cases in your organisation. Tapping the expertise of external partners to fine-tune, adjust, and streamline will set organisations off to a great start. That can then be a platform to establish feedback loops with internal security teams to drive continuous improvements. In the final analysis, this is what will arm organisations with the resilience to ride the digitalisation wave in search of accelerated growth.