Hiring: PC’s, Not Humans

Hiring: PC’s, Not Humans

This post is also available in: heעברית (Hebrew)

According to industry estimates, the US needs about 200,000 more workers to fill current cybersecurity roles. Globally, the gap is five times higher, an estimated 1 million workers.

The issue has become such a priority that US President, Barack Obama, made increasing the number of cybersecurity workers a key component of his multibillion-dollar Cybersecurity National Action Plan, which was introduced earlier this year. The White House said earlier this month it plans on boosting the federal cybersecurity workforce by 3,500 new hires by year’s end.

But as businesses compete for scarce cybersecurity talent and policymakers weigh remedies for the digital security worker shortage, the ground underneath the profession is shifting.

Computers equipped with sophisticated learning algorithms are performing jobs that until recently required highly trained humans. Over time, experts say, the complexity of cybersecurity jobs performed by machines will increase, further reducing the demand for workers and changing the entire nature of cybersecurity work.

“If we fast forward, I think we will see a diminished role for humans”, says Amir Husain, chief executive officer of SparkCognition, a startup focused artificial intelligence.

Much of the investment that’s going into the cybersecurity space to fuel the development of automation is directed at responding to cybersecurity incidents. Currently, humans are the ones who figure out how to respond to cyberattacks on networks, working to quickly block suspicious communications and analyze malicious behavior and software. But computers could perform the same functions — and do it much more quickly than people behind the keyboard.

According to csmonitor.com, the allure of machines quickly fixing vulnerabilities has led the Defense Advanced Research Projects Agency (DARPA), the Defense Department’s technology lab, to organize the first-ever hacking competition that pits automated supercomputers against each other at Black Hat cybersecurity conference in Las Vegas.

With the contest, DARPA is aiming to find new ways to quickly identify and eliminate software flaws that can be exploited by hackers, says DARPA program manager Mike Walker.

“We want to build autonomous systems that can arrive at their own insights, do their own analysis, make their own risk equity decisions of when to patch and how to manage that process”, said Walker.

Technology firms large and small are already moving toward that goal. In May, IBM announced plans to train a new, cloud-based version of its Watson cognitive technology to detect cyberattacks and computer crimes. As part of its training, IBM fed Watson a dictionary of information security-specific terms such as “exploit” and “dropper” and programmed it how to identify and respond to cybersecurity incidents.

Even though automation may play a more crucial role in improving digital defenses, humans will remain part of the picture – at least for the foreseeable future.

“There’s a huge need right now in the workforce and I don’t see that diminishing”, says Richard Forno, assistant director at the University of Maryland’s Center for Cybersecurity. “We have 10,000 or 12,000 open [positions] for security folks – and that’s just one state”.