Addressing the Shortage of SAP-savy Personnel with Open Security and AI
If companies want to improve their cyber security, they often lack the relevant experts, as the study by the Global Information Security Workforce (GISWS) shows. The reasons: a lack of qualified talent on the market (41%) and a lack of budget (34%). The WEF study "Global Security Outlook 2023" speaks of a lack of specialist knowledge (13% of respondents) and a lack of in-depth training and the necessary expertise (around a third). The use of open security and artificial intelligence (AI) could change this.
Open Security improves IT security software as a joint initiative for the benefit of the entire community. The global developer community works together in an open security framework, pooling their collective intelligence and exchanging code, detection rules and artifacts. It fixes bugs, closes security gaps and thus protects IT systems together.
At the same time, the model is suitable as a learning platform. Young and less experienced talents observe the actions of knowledgeable participants. In a kind of real-time school, they develop new skills in various disciplines and become active participants themselves. Employers in the open source community can thus access a pool of talent that is constantly evolving.
AI-supported cybersecurity reduces complexity and makes it easier to get started. The Large Language Models (LLM) behind Generative AI (GenAI) models such as ChatGPT have already absorbed a great deal of cybersecurity knowledge. To leverage this experience effectively, GenAI assistants come into play: they utilize all the security expertise in the LLM, enhancing the capabilities of human security analysts. At the same time, the AI assistant becomes a kind of "senior mentor" for junior staff and offers promising solutions to the skills shortage. It democratizes applications, recommends ready-made prompts that make it easy for all skill levels to benefit from them, and thus enables less experienced employees to work with advanced security tools.
However, where less experienced employees on the corporate side benefit from AI assistants, the same is true on the cybercriminal side. When an AI assistant guides them in attacks, even inexperienced attackers, such as script kiddies, suddenly gain access to skills that go beyond their own knowledge. Defenders need to keep up and stay up to date - this is the only way they can really take advantage of the benefits that GenAI brings.