Already in 2023 we have seen an explosion of AI (artificial intelligence) and ML (machine learning) solutions making waves across tech sectors, and becoming more mainstream. You only have to take a look through your LinkedIn feed and you will now doubt come across many discussions and mind blowing examples of how AI and ML are being used.
Whether we realise it or not, automation, AI and ML already play a part in our lives, and in the cyber security processes and solutions utilised to protect our sensitive data and critical assets. For example, Microsoft process 24 trillion signals every single day across identities, endpoints, devices and collaboration tools, and without AI they would not be able to tackle such volumes.
A recent survey by IBM reported that 93% of IT executives are already using or considering implementing AI and ML to strengthen their cyber security strategies.
As the use of automation, ML and AI in cyber security becomes more prevalent, it’s natural to wonder if the human element will become obsolete. After all, these technologies have the ability to process large amounts of data and identify potential threats much faster than a human ever could.
However, while automation and AI can be incredibly useful tools for identifying and mitigating cyber threats, they have certain limitations and so the human element in cyber security is still crucial and will always remain necessary.
Key Limitations of Automation, ML and AI
- Inability to understand context: For example, an AI algorithm might flag a certain piece of data or activity as suspicious, but a human cybersecurity expert would be able to understand the context in which it occurred and determine whether it’s actually a threat or not. This ability to understand context is crucial for accurate threat detection and response.
- Inability to adapt to new and unknown threats: Automation and AI typically rely on pre-existing data and algorithms to identify and respond to threats. However, cyber threats are constantly evolving, and new types of threats can emerge at any time. Threat actors are known to be unpredictable in their tactics, and anticipating their next move in a cyber attack requires the expertise and training of a human mind.
- More prone to produce false positives and negatives: Automation lacks the ability to reason with uncertainty or incomplete data. Human experts can use their experience and knowledge to better evaluate whether an alert is a false positive or not. Furthermore, humans are better in decision making as they can weigh the costs, benefits and trade-offs of different actions.
- The need to be managed: The reality is that these technologies can help to automate many routine tasks and identify potential threats, however human experts are still needed to oversee the system and make decisions.
- Inability to fully replicate human behaviour: Another important limitation is related to the human aspect of the cyber attack, as many cyber attacks are designed to take advantage of human nature such as phishing attacks and social engineering, in these cases machines are not always able to detect and prevent them. In these scenarios, human experts are needed to educate and train other people on how to be aware and identify these kinds of attacks, and to develop countermeasures that take into account human nature.
While automation and AI will continue to play a larger role in cyber security, they lack the creativity and problem-solving ability of a human cyber security expert and so the human element will always be necessary, the key is to find a balance, a blend between automation and human insight, in order to create the most effective cyber security strategy possible.
Full Spectrum Cyber security Services – Flexible Support from Cyber Experts
At Infosec Partners, we understand the importance of blending the latest tech with the latest thinking to offer a comprehensive range of cyber security services and solutions. With over 20 years of experience in cyber security we strive to utilise the best technology and the best people, whilst providing unparalleled customer support. Get in touch if you would like to know more.