AI in cybersecurity
Many IT decision-makers see AI as the only way to successfully upgrade against attacks. However, AI is only in its infancy in security technology in order to serve suitable fields of application. With the help of AI, the detection and defence against cyberattacks can be significantly improved and AI will soon play a major role in prevention.
However, there are limits. It would be almost negligent to rely solely on artificial intelligence. The algorithms have a narrow focus and work with standardized sets of rules. Clever cybercriminals are able to introduce new scenarios that are completely new to the algorithms in order to break new, not secured ground. Identified viruses should be classified and examined by humans in order to avoid unnecessary false alarms.
In each case, it is important to check whether AI should only be used as a tool in the corporate IT security strategy or whether it should increasingly cover the security area. If necessary, the entrepreneurial focus must be directed more towards the necessary human resources. From today’s view, successful and therefore secure anticipatory action, just like forensic thinking, is still reserved for human intelligence.
The position of IT security
In many large companies and corporations, the position of the IT security officer is deliberately located in the management. Hazards and risks are cross-sectoral, all companies are subject to the same attack patterns. But how can companies protect themselves? Security as a tailor-made product from the catalogue does not exist and there are still limits to AI.
Sufficient defence against cyberattacks should normally be the responsibility of the company management. It is essential to set up a functioning IT risk and IT security management system in the company to minimize the attack possibilities for hackers. Security measures must be developed, implemented and executed and also constantly monitored, reviewed and improved.
Required skills for security specialists
Security specialists need to be much more broad-based in terms of their qualifications and profiles than mere IT experts. They focus on implementing and executing a sustainable and resilient ISMS along with data protection and physical security measures to achieve comprehensive security solutions and operational risk and crisis management.
Effective prevention work and the planning of potential attack scenarios are also standard tasks. Such planning requires – in addition to pure programming languages – several years of relevant professional experience in the area of information security, certification such as CISSP, CISM, CISA as well as very good knowledge in the area of security, network and also cryptography.
In addition to the knowledge in the field of encryption with a mathematical focus and a specialist course such as in economics or MINT, a sound professional experience in IT security (threat response/analysis and intelligence), CERT, conception of intrusion detection and prevention systems is also required. Solid knowledge in the fields of anti-malware software, network administration, IT security or IT forensics and the common scripting and programming languages are just as important prerequisites as a pronounced skill in communication and documentation.
In the coming years, it will be increasingly important for company managers to understand the topic of cybersecurity as a brand attribute and not just wait for this problem to resolve itself. Responsibilities must be reorganized and established. AI is an option but not the only way to combat cybercrime. Those who acquire the desired and suitable specialists and managers with this knowledge in due time already have a clear competitive advantage.