‘Humans are underrated’: Why AI in cyber security isn’t a case of us or them

If you’ve seen even a handful of films on the matter, you’ll know that artificial intelligence (AI) is taking over: The Terminator, The Matrix, I, Robot – they all envisage a world where machines come to rule. Even Fritz Lang’s Metropolis, released in 1927, was pessimistic about our robotic counterparts. The reality, however, isn’t nearly…

If you’ve seen even a handful of films on the matter, you’ll know that artificial intelligence (AI) is taking over: The Terminator, The Matrix, I, Robot – they all envisage a world where machines come to rule. Even Fritz Lang’s Metropolis, released in 1927, was pessimistic about our robotic counterparts. The reality, however, isn’t nearly so bleak. We’re far from being enslaved (physically, at least) and, for better or worse, remain the planet’s most destructive force. But there are discussions to be had. Worldwide spending on AI systems is set to reach $35.8 billion this year – up 44% from 2018 – and there is a real concern that human development is at risk.

The thinking is this: if enterprises put most of their resources into training machines, they can’t be fully supporting their people. There’s also the chance that maybe – just maybe – robots aren’t cut out for all jobs, and thus we should continue investing in flesh. Take, for example, Elon Musk’s Tesla-building operations. Last year, the tech entrepreneur (and suspected supervillain) decided that automation was the future of production, bragging that robots were his empire’s competitive advantage. Two months later he tweeted, ‘Excessive automation at Tesla was a mistake. To be precise, my mistake. Humans are underrated.’

Clearly, there is a big difference between human and AI capabilities. The latter can lift, push, pull and calculate, but unlike the former, it cannot invent, contextualise or make decisions based on morals. Because of this, it seems like we will always need skilled human beings. The current obsession with AI can be forgiven considering its huge potential, but we would do well to remember that when robots mess up, it’s people who must reverse the damage.

It’s not ‘us versus them’

The good news is, it’s not a question of ‘us or them’. A recent Harvard Business Review study found that, while AI is getting better at ‘human’ jobs, businesses achieve the most significant performance improvements when humans and machines operate cohesively. Complementary skills such as creativity (human) and scalability (machine) enable workforces to exceed the sum of their parts.

Machines can also be used to carry out the mundane tasks previously done by humans, which frees up a lot of employee time. This is undoubtedly a good thing, especially in technical industries such as cyber security, where constant upskilling is required for workers to remain current. In fact, AI is a particularly hot topic in cyber security because of the skills shortage. According to (ISC)2’s Cybersecurity Workforce Study, 63% of organisations need more security staff, while there is a shortage of nearly three million security professionals globally.

The irreplaceable human

One school of thought says that AI is the panacea for this shortage – but this isn’t the case either. Machines cannot control security operations centres (SOCs) without the leadership, insight and decision-making skills provided by humans; we are irreplaceable. In fact, relying too heavily on AI could even worsen the skills gap, as new technology demands experts to oversee it. And where does their training come from? It’s certainly not robots.

Ultimately, cyber security firms should be utilising AI to carry out the tedious processes where humans are weaker, developing it slowly and certainly not to the detriment of people. There is no doubt that AI can help improve security – it can be weaponised, too – but we must not lose sight of the need to upskill ourselves. Symantec’s Chief Technology Officer Hugh Thompson says, “While we are certainly moving toward more automation across all industries, there will always be a need for human intervention in cyber security.”

We help businesses to increase and evidence human capability in every part of cybersecurity.

Legal