RSA Conference 2023: Infosec and identity pros need AI — but it will change their jobs

Share post:

Information security pros and vendors will need to master artificial intelligence (AI) to fight threat actors who are already leveraging it, the annual RSA Conference in San Francisco has been told.

“Without good AI, zero trust has zero chance,” RSA chief executive Rohit Ghai said in the conference’s opening keynote on Monday. “Without good AI, bad AI will take us for a ride.” And, he added, “without AI’s help, identity [verification] is a sitting duck.”

Photo of RSA chief executive Rohit Ghai at RSA Conference 2023
RSA chief executive Rohit Ghai during his keynote at RSA Conference 2023

Identity, he noted, is the most targeted part of an organization’s IT surface. AI can sniff out sophisticated and relentless phishing campaigns launched by bad AI, he argued. AI is needed to manage millions of access entitlement relationships that can change every second. AI can recognize over-provisioned accounts and flag suspicious privilege escalation.

But, he warned, AI will also change the nature of cybersecurity and identity management jobs. Many cybersecurity companies announcing AI products call them “co-pilots,” meaning humans will do the same jobs they’ve been doing for years but assisted by AI solutions.

“The co-pilot description sugar-coats a scary truth,” warned Ghai: “Over time we must expect that many [cybersecurity] jobs will disappear, many will change, and some will be created.”

This is OK, he said, in part because there is a shortage of cybersecurity talent. “We may remain in the cockpit for a little bit longer,” he added, “but we will need to work differently” in an AI-powered world.

“AI will make the easier decisions and automate most identity workflows. Humans will supervise the more impactful decisions and handle exceptions. Eventually, when we exit the cockpit we will have important roles like training, supervising, regulating, ethics and monitoring AI for air traffic control and designing flight plans.

“AI learns from the questions we ask it. We will train AI by asking well-specified thoughtful questions. We will invent new AI models and algorithms. We will cleanse and label the data that fuels AI.

“As we have learned with every new technology, AI will be a target for the adversary. Good AI will protect cyberspace, and we, the humans of identity will protect AI. We will innovate to prevent jailbreaking of good AI. We will deliver solutions to prevent data poisoning and prompt injections to ensure good AI remains aligned with our objectives.”

But, he added, “to prepare for this AI-powered world, we must confront our identity [management] crisis head-on. We need to re-imagine our role and our place in identity.”

The post RSA Conference 2023: Infosec and identity pros need AI — but it will change their jobs first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

Hackers Plant False Memories in ChatGPT to Steal User Data

A security researcher has uncovered a vulnerability in ChatGPT that could allow hackers to store false information and...

“Octo2” Trojan Targets Bank Accounts by Posing as VPN or Chrome Apps on Android

A new malware variant called “Octo2” is spreading across Android devices by posing as popular apps like NordVPN...

Evilginx – Open source tool can bypass Multi-Factor Authentication (MFA)

Security vendor Abnormal Security is reporting a new cybersecurity tool that is gaining traction among cybercriminals. The tool,...

Kaspersky’s exit from US market frightens some customers

Kaspersky, the Russian cybersecurity firm, has unexpectedly removed its antivirus software from U.S. customers' computers, replacing it with...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways