Artificial intelligence (AI) is revolutionizing industries from healthcare to manufacturing to agriculture, and cybersecurity is no exception. As AI reshapes possibilities across various sectors, it is also steering the cybersecurity profession in a bold, new direction. This AI-driven transformation will not only alter the daily activities of cybersecurity practitioners but also necessitate new roles and skill sets within the profession.
In the U.S., the Workforce Framework for Cybersecurity (NICE Framework) spans public, private, and academic sectors. It defines seven high-level cybersecurity functions linked to 33 specialty areas and 52 work roles, detailing specific knowledge, skills, and abilities. These functions range from cybersecurity governance to design and development, threat management, operations, analysis, and investigation.
Similarly, the European Cybersecurity Skills Framework (ECSF) outlines 12 cybersecurity professional role profiles, detailing their titles, missions, tasks, skills, knowledge, and competencies. These roles vary from managerial to legal, operational, assurance, and risk management.
In the U.K., the Cyber Security Council defines 16 specialisms in cybersecurity, from managerial to technical. These governmental skills frameworks are mapped to credentials offered by cybersecurity associations, guiding professionals in enhancing their skill sets.
These initiatives are crucial as the cybersecurity profession evolves. The rapid adoption of AI and other emerging technologies, coupled with the creation of larger digital ecosystems and increased sophistication of cyber threats, underscores the need for a holistic set of skills per function. Cybersecurity expertise is essential, but viewing cybersecurity in isolation contributes to many of the failures observed today.
Cybersecurity professionals must understand the business context of the ecosystems they protect to apply or embed cybersecurity effectively. They also need to grasp adjacent domains like audit, privacy, risk, and digital technology governance to ensure cybersecurity aligns with the needs of these domains and is not siloed.
Moreover, understanding emerging technologies like AI is vital. One cannot protect what they do not understand—whether identifying risks, building controls, or conducting forensics and investigations in AI-embedded ecosystems.
As highlighted in our whitepaper, "The Promise and Peril of the AI Revolution," AI enables a more sophisticated world of cybercrime. Bad actors are using AI to write malware faster, generate hacking scripts, launch ransomware attacks, and convincingly imitate CEO voices. Concurrently, threats against AI are rising, from algorithm manipulation attacks to privacy breaches.
In this context, the cybersecurity profession will become exponentially more important. But what will it look like?
AI offers unparalleled capabilities to identify threats and patterns, automate real-time responses, swiftly process entire datasets, and accelerate decision-making. This transformation will demand cybersecurity professionals to adapt and evolve, integrating AI knowledge and skills into their repertoire to stay ahead of emerging threats.
The future of cybersecurity is intertwined with AI, and professionals must be prepared to navigate this new landscape. By embracing AI and expanding their skill sets, cybersecurity practitioners can ensure they remain relevant and effective in protecting our increasingly digital world.
Read the article: https://www.forbes.com/sites/forbes...cybersecurity-profession-with-the-rise-of-ai/
The Cybersecurity Profession Today
Globally, several jurisdictions are proactively addressing the expanding skills gap in cybersecurity. They are defining the profession to guide government, industry, and academia in a structured manner.In the U.S., the Workforce Framework for Cybersecurity (NICE Framework) spans public, private, and academic sectors. It defines seven high-level cybersecurity functions linked to 33 specialty areas and 52 work roles, detailing specific knowledge, skills, and abilities. These functions range from cybersecurity governance to design and development, threat management, operations, analysis, and investigation.
Similarly, the European Cybersecurity Skills Framework (ECSF) outlines 12 cybersecurity professional role profiles, detailing their titles, missions, tasks, skills, knowledge, and competencies. These roles vary from managerial to legal, operational, assurance, and risk management.
In the U.K., the Cyber Security Council defines 16 specialisms in cybersecurity, from managerial to technical. These governmental skills frameworks are mapped to credentials offered by cybersecurity associations, guiding professionals in enhancing their skill sets.
These initiatives are crucial as the cybersecurity profession evolves. The rapid adoption of AI and other emerging technologies, coupled with the creation of larger digital ecosystems and increased sophistication of cyber threats, underscores the need for a holistic set of skills per function. Cybersecurity expertise is essential, but viewing cybersecurity in isolation contributes to many of the failures observed today.
Cybersecurity professionals must understand the business context of the ecosystems they protect to apply or embed cybersecurity effectively. They also need to grasp adjacent domains like audit, privacy, risk, and digital technology governance to ensure cybersecurity aligns with the needs of these domains and is not siloed.
Moreover, understanding emerging technologies like AI is vital. One cannot protect what they do not understand—whether identifying risks, building controls, or conducting forensics and investigations in AI-embedded ecosystems.
Changes Coming to the Cybersecurity Profession
AI is set to continue transforming the cybersecurity profession in the coming years, but the AI-shaped reality has already arrived.As highlighted in our whitepaper, "The Promise and Peril of the AI Revolution," AI enables a more sophisticated world of cybercrime. Bad actors are using AI to write malware faster, generate hacking scripts, launch ransomware attacks, and convincingly imitate CEO voices. Concurrently, threats against AI are rising, from algorithm manipulation attacks to privacy breaches.
In this context, the cybersecurity profession will become exponentially more important. But what will it look like?
AI offers unparalleled capabilities to identify threats and patterns, automate real-time responses, swiftly process entire datasets, and accelerate decision-making. This transformation will demand cybersecurity professionals to adapt and evolve, integrating AI knowledge and skills into their repertoire to stay ahead of emerging threats.
The future of cybersecurity is intertwined with AI, and professionals must be prepared to navigate this new landscape. By embracing AI and expanding their skill sets, cybersecurity practitioners can ensure they remain relevant and effective in protecting our increasingly digital world.
Read the article: https://www.forbes.com/sites/forbes...cybersecurity-profession-with-the-rise-of-ai/