As the technological world hurls into the 2020s and cybersecurity future trends become reality, many experts expect the industry to evolve rapidly. Among the paradigm shifts still to come from digital innovation, data protection is bound to change and expand beyond the capabilities of today’s most common tools.

Above all, expect artificial intelligence (AI) to take a bigger role in cybersecurity as the IT industry seeks more efficient ways to shut down attacks immediately — or even before they happen.

Hiring AI Cybersecurity Guards

In the near future, new AI-powered solutions will look for anomalies in enterprise systems while matching patterns in threat actor behavior to predict when attacks are coming, said Shashi Kiran, chief marketing officer at Quali, a vendor of cloud automation services. Companies will also use AI tools to analyze user behavior and dig through system logs to spot problems, noted Laura Lee, executive vice president of rapid prototyping at cybersecurity training vendor Circadence. Lee said she expects AI-powered cybersecurity training to become more common as well.

In addition, AI systems will soon be able to analyze data from multiple sources, provide virtual assistants with special knowledge in cybersecurity and assist with penetration testing. In the coming decades, the “full scope of AI will be brought to bear in cybersecurity training environments to provide intelligent advisers, feedback and an AI adversary to practice against,” Lee added.

Planning for Obsolescence

Newer AI systems should provide capabilities that traditional antivirus products can’t. Many current security products focus largely on signature-based detection or analytics from patterns of suspicious activity, said Jason Rebholz, senior director of strategic partnerships at cybersecurity vendor Gigamon.

“With the emergence of AI, the basic decision-making can be offloaded to software,” he added. “While this isn’t a replacement for the analyst, it provides more time for them to perform more advanced decision-making and analysis, which is not easily replaced with AI.”

An AI-Driven Coding Evolution

Some security experts see big things for AI, with a sort of evolution built into its abilities.

“Imagine a world where cyberdefenses adapt and evolve with no human intervention,” said Kathie Miley, chief operating officer (COO) at Cybrary, another cybersecurity training company. “By putting AI into practice with evolutionary algorithms, software will also be able to assess current state, improve upon itself or kill off components no longer ideal for survival.”

Miley offered the example of a developer who accidentally creates a program with a structured query language (SQL) injection vulnerability: “AI will catch it and correct it with no human involvement, because it knows [the vulnerability is] dangerous to the application’s survival.”

Unfortunately, AI-trained systems won’t be exclusive to defenders. As Miley noted, threat actors “will be able to use AI to evolve their attacks without lifting a finger. It’s a race to who is stronger — the good guys or the bad guys.”

Why Cybersecurity Future Trends Won’t Exclude Humans

But even as AI takes a more central role in many organizations’ cybersecurity efforts, the need for qualified cybersecurity professionals will not diminish.

“Until AI evolves and wipes out humans, there will always be a place for people in the cybersecurity field,” Miley said. “Regulations, compliance, ethics and needs will need to be determined by us carbon life forms. However, tasks such as monitoring attacks and coding errors — and even coding itself — will certainly be automated at some point in the near future.”

Miley added that she sees a strong demand for security architects and governance, risk and compliance professionals in the coming years.

How AI Will Help Bridge the Skills Gap

New ways of automating some cybersecurity functions will help the industry bridge the cybersecurity skills gap that’s been growing since 2014. A recent Cybersecurity Ventures report forecast a shortage of 3.5 million open cybersecurity positions by 2021.

Bret Fund, founder and CEO of cybersecurity training academy SecureSet, argued that automated tools will require more refined skill sets.

“We will still have an education problem that will be exacerbated by the new skills required to interpret and analyze AI,” he predicted.

In addition, many small and medium-sized businesses will adopt AI tools more slowly than large enterprises will, meaning plenty of cybersecurity jobs will be available, Fund added.

Cybersecurity Workers: Seize the Day

Lee noted that demand is growing for cybersecurity workers with data science expertise as organizations look to maximize the value of the data they collect. She said she also foresees a shift in cybersecurity jobs that will “place soft skills and strategy at equal importance as required technical skills.”

Cybersecurity analysts, penetration testers and incident response professionals will be popular with job recruiters for several years, she added. However, those jobs may be changing, with more workers “expected to carry competencies in strategic thinking, creativity, problem-solving, working in teams and reporting alongside business objectives.”

Augmenting Automating With a Human Touch

According to Cesar Cerrudo, chief technology officer (CTO) of cybersecurity and penetration testing vendor IOActive Labs, paint-by-the-numbers cybersecurity jobs will soon be a thing of the past.

“Jobs that consist of repetitive tasks and tasks that don’t require creativity will disappear,” he said. “Having broad knowledge on past, latest and upcoming threats, along with broad vision in cybersecurity, will be required to achieve better results. You can’t properly secure a technology without anticipating what it will look tomorrow or in the next year.”

As technologies and their security measures carry us into 2020, forecasting threat trends will be the name of the game. Machine learning won’t replace the cybersecurity workforce any time soon, but get ready for a new face (or lack thereof) on your security operations center (SOC). Developing a broader skill set now and keeping an open mind will help you best prepare for the security industry of the future.

More from Artificial Intelligence

X-Force releases detection & response framework for managed file transfer software

5 min read - How AI can help defenders scale detection guidance for enterprise software tools If we look back at mass exploitation events that shook the security industry like Log4j, Atlassian, and Microsoft Exchange when these solutions were actively being exploited by attackers, the exploits may have been associated with a different CVE, but the detection and response guidance being released by the various security vendors had many similarities (e.g., Log4shell vs. Log4j2 vs. MOVEit vs. Spring4Shell vs. Microsoft Exchange vs. ProxyShell vs.…

Unmasking hypnotized AI: The hidden risks of large language models

11 min read - The emergence of Large Language Models (LLMs) is redefining how cybersecurity teams and cybercriminals operate. As security teams leverage the capabilities of generative AI to bring more simplicity and speed into their operations, it's important we recognize that cybercriminals are seeking the same benefits. LLMs are a new type of attack surface poised to make certain types of attacks easier, more cost-effective, and even more persistent. In a bid to explore security risks posed by these innovations, we attempted to…

Artificial intelligence threats in identity management

4 min read - The 2023 Identity Security Threat Landscape Report from CyberArk identified some valuable insights. 2,300 security professionals surveyed responded with some sobering figures: 68% are concerned about insider threats from employee layoffs and churn 99% expect some type of identity compromise driven by financial cutbacks, geopolitical factors, cloud applications and hybrid work environments 74% are concerned about confidential data loss through employees, ex-employees and third-party vendors. Additionally, many feel digital identity proliferation is on the rise and the attack surface is…

AI reduces data breach lifecycles and costs

3 min read - The cybersecurity tools you implement can make a difference in the financial future of your business. According to the 2023 IBM Cost of a Data Breach report, organizations using security AI and automation incurred fewer data breach costs compared to businesses not using AI-based cybersecurity tools. The report found that the more an organization uses the tools, the greater the benefits reaped. Organizations that extensively used AI and security automation saw an average cost of a data breach of $3.60…