Can emerging tech fill the cyber security skills gap?

It is no secret that the cyber security industry stands at the precipice of an acute skills gap. While the global economy clamors for 3.4 million cyber security experts, the demand heavily outweighs the supply.

The lack of talented humans in a cyber security team – or an entirely non-existent team – could have devastating effects on organizations.

The World Economic Forum found that an alarming 60 percent of businesses would find themselves vulnerable during a cyber security breach due to this skills shortage. This is corroborated by Verizon's research revealing that 74 percent of breaches involve a human element.

Meanwhile, the (ISC)² Cybersecurity Workforce Study warned that misconfigured systems, slowly patched systems, poor risk assessment and rushed deployments can also happen.

What’s more, staff turnover and burnout are also impacting the safety and stability of the industry.

The average tenure of a CISO stands at just two years. With the time it takes to find, onboard and settle into the job, this rapid turnover directly impacts long-term security strategies.

Several studies also acknowledge a burnout epidemic for cyber security professionals resulting from staff shortages, alert fatigue, keeping pace with internal demands and the relentless attack environment.

However, as the storm clouds gather, a silver lining emerges. Emerging technologies like generative artificial intelligence (AI), quantum computing, automation and blockchain may serve as powerful allies to a strained cyber security workforce.

Emerging technologies on the horizon

Emerging technologies are heralding a new era and a seismic shift in operational dynamics.

A cornerstone of this transformation is artificial intelligence and machine learning. By processing and learning from vast datasets, they can identify patterns and predict potential cyber threats. This predictive capability enables cyber security professionals to counteract threats with greater speed and accuracy.

Quantum computing, though nascent, holds the promise of redefining encryption paradigms through advanced abilities to solve problems that are beyond the grasp of traditional computers.

Robotics and automation presents the promise of streamlining cyber security by swiftly countering cyber attacks without human intervention. With strapped cyber security teams, this can save professionals time on laborious tasks.

Add to this mix blockchain's transformative ability to change the way we securely store and transfer sensitive data, and it becomes clear that the cyber security industry is on the brink of a radical makeover that can support critical workforces.

How can tech bridge the cyber security skills gap?

Generative AI has emerged as a critical tool in enhancing the efficiency of cyber security operations. Given the increasing complexity of threats and the sheer volume of potential attacks, human analysts often find themselves overwhelmed.

Generative AI stands out by automating aspects of threat detection and analysis. This not only saves valuable time but ensures threats do not go unnoticed. By speeding up the identification process, it allows professionals to allocate their skills to more complex tasks, thereby maximizing human expertise where it is most needed. Analysis by Bain & Company found that all cyber security companies surveyed used generative AI at the identification stage of the SANS Institute’s incident response framework.

As cyber threats grow in complexity, they often exceed the analytical capabilities of conventional systems. Quantum computing offers an edge by offering the potential to break complex encryptions and solve problems that are too complex for traditional computers or the overwhelmed human mind.

It can handle tasks that would otherwise require massive teams of specialists. This means that even with fewer hands on deck, cyber security teams can tackle more formidable challenges.

Automation plays a pivotal role in addressing the burnout and round-the-clock vigilance demanded in cyber security roles.

Automated systems offer relief by continuously monitoring networks, swiftly detecting anomalies, and addressing potential threats even when human operators are off the clock. This 24/7 oversight reduces the workload on human analysts, ensuring they are not perpetually stretched thin and can focus on higher-level strategic decisions.

Together, these technologies do not just supplement human efforts, they magnify them. By integrating AI, quantum computing and automation into the cyber security framework, organizations can more effectively bridge the skills gap and ensure a safer digital realm for all.

However, the silver lining is not without its clouds. A staggering 93 percent of security decision-makers are bracing themselves for AI-enabled attacks in 2023.  

The UN Security Council's unprecedented meeting on AI also underscored the double-edged nature, with UK Foreign Secretary James Cleverly highlighting the potential harmful consequences for democracy and stability.

This serves as a potent reminder that the human element — our capacity for judgment, oversight and ethical discernment — remains paramount.

Ensuring a collaborative future

Despite the rapid advancements in technology, humans remain irreplaceable in the cyber security domain. The strength of a cyber security strategy is grounded in well-educated employees. They stand at the frontline, discerning malicious emails from genuine ones and ensuring the security of vital data.

For organizations to truly harness the capabilities of emerging technologies, it is crucial that business leaders advocate for a cyber security-first culture. This not only involves equipping their teams with the latest tools but, more critically, ensuring that every team member understands their importance and application. 

Yet, 38 percent of cyber security professionals report a lack of company-wide training or understanding in cyber security. Meanwhile, 37 percent of businesses fail to weave cyber security into the very fabric of their company culture.

It is this disconnect that highlights the pressing need for dedicated platforms where professionals can convene, learn and grow.

Free events like Cyber Security World Asia play an indispensable role in bridging this gap. Slated for 11-12 October 2023 at Marina Bay Sands, Singapore, the conference promises enlightening sessions including:

• Navigating third-party risk Landscape with emerging technologies with Dr. Magda Lilia Chelly, CISO at Responsible Cyber.
• Ransomware in the age of artificial intelligence with Fleming Shi, CTO at Barracuda Networks.
• Generative AI and cyber security with Ben Verschaeren, Senior Manager at Sophos.
• Apply standard to your emerging tech with Cheng Yew Kuann, Regional VP at PCI Security Standards Council.
• Bridging the cyber security skills gap with an esteemed panel featuring voices from Centre for Cybersecurity, Standard Chartered Bank, Nanyang Technological University, and Liberty Insurance.

By participating in such gatherings, professionals can fortify their knowledge, broaden their horizons and help create a future where technology and humans work hand-in-hand against cyber threats.