The Power of Generative AI in Cyber Security: Automation and Augmentation

Generative AI has been making waves in various industries, including cyber security. With its ability to automate mundane tasks and augment existing workflows, generative AI is poised to revolutionize the way cyber security teams operate. In this article, we'll explore how generative AI can help cyber security teams find the needle in the haystack, streamline their workflows, and free up time for more strategic activities.

Fishing Analyzer Tool: A Prime Example of Generative AI in Cyber Security

One exciting example of generative AI in cyber security is our fishing analyzer tool. This tool analyzes the text and email to determine if it's a phishing attempt or not. It essentially automates the process of identifying suspicious emails, allowing security teams to focus on more critical tasks. The effectiveness of this tool relies heavily on data, as we've studied various behaviors over the past decade to develop the model. By analyzing patterns in email text, the fishing analyzer tool can isolate potential phishing attempts and weed out noise, enabling security teams to concentrate on high-priority alerts.

Alert Analysis: Making Sense of Noisy Data

Another area where generative AI shines is in alert analysis. Cyber security teams receive thousands of alerts per day, making it challenging to distinguish between genuine threats and noise. Generative AI models can help compare these alerts to past ones, identifying trends and anomalies that may indicate a potential issue. By automating this process, security teams can focus on investigating genuine threats rather than wasting time on duplicate or irrelevant alerts.

Augmenting Cyber Security Teams with Generative AI

As generative AI tools become more embedded in cyber security workflows, it's essential to understand how they'll impact the skills required of security professionals. Rather than automating away specific tasks, generative AI will augment existing workflows, allowing security teams to focus on higher-level activities such as data analysis and interpretation. Security professionals need to develop new skills that emphasize thinking about data, understanding its origins, and making informed decisions based on this information.

The Evolution of Cyber Security Careers with Generative AI

The shift towards generative AI in cyber security will likely accelerate the evolution of careers within the field. Rather than focusing on managing tools and software, security professionals will need to develop skills that enable them to provide value to businesses. This includes thinking about the meaning of data, understanding its significance, and advising organizations on security protocols and best practices. As a result, cyber security teams will require a more strategic approach, with a focus on proactive risk management, threat hunting, and business intelligence.

The Future of Cyber Security Workflows

As generative AI continues to transform the cyber security landscape, it's essential to rethink traditional workflows and skills sets. The sports car analogy is apt: just as drivers need to shift from focusing on mundane maintenance tasks to driving the vehicle, cyber security professionals will need to adapt their mindset to work with generative AI tools. By embracing this shift, security teams can unlock new levels of productivity, efficiency, and effectiveness in their daily operations.

"WEBVTTKind: captionsLanguage: enyou know we're talking about the threats here I think it's important to switch gears and this Segways really well to discuss the J of AI opportunity in cyber security in many ways cyber security teams must Fight Fire with Fire here uh to defend against this gen these generative AI power threats uh so maybe to set the stage you mentioned this earlier that you know in the early days kind of you know we're here talking early days of traditional Ai and machine learning is already being used to tackle cyber security challenges so maybe before we talk about how generative AI specifically accelerates cyber security efforts walk us through how traditional machine learning is used in cyber security today yeah I mean traditional uh machine learning has been has been used for years I mean it's basically a statistical analysis it tries to make predictions Based on data attributes or Trends right so I'm seeing a trend go look here or this trend is more like a trend that I've already identified as something I don't need to look right and so these traditional ml models they've been around for some time in cyber security to detect threats and or anomalous Behavior right and that's that's really using that type of ability has been something we've been working with for a long time that's really great and when you mention here for example generative AI being able to automate a lot of the mundane tasks that you know cyber security teams have maybe give us an example of what type of tasks here uh are going to be automated or augmented uh and how can generative AI help cyber secury teams you know find the needle in the H stack you know PR proverbially speaking here a good example was earlier this year we launched um our fishing analyzer tool and uh what it does is it analyzes the text and email you've probably gotten you training before when you get an email that you think is fishing forward it to fishing at whatever you need to forward it to and somebody insecurity is going to look at that well that takes a ton of time and it's not very interesting work for someone in security just to be checking an emailbox so we can use these models in our fishing analyzer essentially just analyzes the text of the email to determine um is it a fishing attempt is it not a fishing attempt you know we can we can Auto isolate we there's so many things that we can do based on the behaviors that we've studied for the past decade and that's why having data is so important in AI is having you know the model the data to train the behavior of the model right and so fishing analyzer example another um example where we're using ml models is our you know our customers get thousands of alerts per day from a security perspective it gets really noisy um and so the challenge in security is figuring out what's noise and then what needs to be investigated further like what's noise what can I ignore and then where do I really need to focus my time because time is limited um and so as alerts F fire our ml model is able to compare that alert to past alerts to see if there's similar Trends to see if there's maybe something that we've learned that we know every time we don't need to worry about can we trace it back to the same issue is it a duplicate thing that's happened so if you just weed out duplicates weed out noise that allows your security team to focus on things where there might be something right and so they can free up time and visibility for the things that really matter okay that's really great and you know you mentioned here the security team working you know hand inand in a lot of ways with these AI tools and Jen of AI Tools in their daily workflows and I think you know we often talk about um the difference between Automation and augmentation when leveraging generative AI tooling at work and I think cyber security teams are a great example of how generative AI can augment the current workflows of a particular team uh maybe how do you view the skills of cyber security teams evolving as gentiv AI tools become more and more embedded in their workflows uh what do you think are the primary skills they need to learn uh and where do you think you know what needs to change in in the make skills makeup of a cyber security team to become effective in using AI I think the um dependency if you look at you know prior to Automation and really we're still in the middle of this transition now of you know a security professional was really required to learn how to do use specific tools it was really you would talk to people in in in security and they would talk about their expertise around a certain type of Technology not even a category but like a specific tool and and that's not really security we want people thinking about the data thinking about where that data came from thinking about the meaning of that data to the organization why it's important in helping the the organization make accurate business decisions with accurate security information not managing a tool not not running a technology right we want we us interpreting the security information to help make business decisions with it and so I think what will happen is it will actually help um evolve the careers of our cyber professionals faster if you talk to most people in cyber security they don't like the mundane tasks they don't like managing the tool they want to be doing the offensive stuff hunting in people's environment and they want to be advising the business they want to be in front of their their company's mergers and Acquisitions team and helping to vet the company they're looking at acquiring based on their security protocols to see how hard it is or isn't going to be to roll them in the daily operations I mean there's so much value in the data that a security team gets access to they could really be better advisers to the business and AI is going to make us require less of our time to be spent managing a tool and making sure it works it's like having a sports car and it's just sitting cinder blocks in your garage leaking oil that's no fun I'd rather be out driving the sports car and so we want them to drive the car instead of constantly be working on it in the garageyou know we're talking about the threats here I think it's important to switch gears and this Segways really well to discuss the J of AI opportunity in cyber security in many ways cyber security teams must Fight Fire with Fire here uh to defend against this gen these generative AI power threats uh so maybe to set the stage you mentioned this earlier that you know in the early days kind of you know we're here talking early days of traditional Ai and machine learning is already being used to tackle cyber security challenges so maybe before we talk about how generative AI specifically accelerates cyber security efforts walk us through how traditional machine learning is used in cyber security today yeah I mean traditional uh machine learning has been has been used for years I mean it's basically a statistical analysis it tries to make predictions Based on data attributes or Trends right so I'm seeing a trend go look here or this trend is more like a trend that I've already identified as something I don't need to look right and so these traditional ml models they've been around for some time in cyber security to detect threats and or anomalous Behavior right and that's that's really using that type of ability has been something we've been working with for a long time that's really great and when you mention here for example generative AI being able to automate a lot of the mundane tasks that you know cyber security teams have maybe give us an example of what type of tasks here uh are going to be automated or augmented uh and how can generative AI help cyber secury teams you know find the needle in the H stack you know PR proverbially speaking here a good example was earlier this year we launched um our fishing analyzer tool and uh what it does is it analyzes the text and email you've probably gotten you training before when you get an email that you think is fishing forward it to fishing at whatever you need to forward it to and somebody insecurity is going to look at that well that takes a ton of time and it's not very interesting work for someone in security just to be checking an emailbox so we can use these models in our fishing analyzer essentially just analyzes the text of the email to determine um is it a fishing attempt is it not a fishing attempt you know we can we can Auto isolate we there's so many things that we can do based on the behaviors that we've studied for the past decade and that's why having data is so important in AI is having you know the model the data to train the behavior of the model right and so fishing analyzer example another um example where we're using ml models is our you know our customers get thousands of alerts per day from a security perspective it gets really noisy um and so the challenge in security is figuring out what's noise and then what needs to be investigated further like what's noise what can I ignore and then where do I really need to focus my time because time is limited um and so as alerts F fire our ml model is able to compare that alert to past alerts to see if there's similar Trends to see if there's maybe something that we've learned that we know every time we don't need to worry about can we trace it back to the same issue is it a duplicate thing that's happened so if you just weed out duplicates weed out noise that allows your security team to focus on things where there might be something right and so they can free up time and visibility for the things that really matter okay that's really great and you know you mentioned here the security team working you know hand inand in a lot of ways with these AI tools and Jen of AI Tools in their daily workflows and I think you know we often talk about um the difference between Automation and augmentation when leveraging generative AI tooling at work and I think cyber security teams are a great example of how generative AI can augment the current workflows of a particular team uh maybe how do you view the skills of cyber security teams evolving as gentiv AI tools become more and more embedded in their workflows uh what do you think are the primary skills they need to learn uh and where do you think you know what needs to change in in the make skills makeup of a cyber security team to become effective in using AI I think the um dependency if you look at you know prior to Automation and really we're still in the middle of this transition now of you know a security professional was really required to learn how to do use specific tools it was really you would talk to people in in in security and they would talk about their expertise around a certain type of Technology not even a category but like a specific tool and and that's not really security we want people thinking about the data thinking about where that data came from thinking about the meaning of that data to the organization why it's important in helping the the organization make accurate business decisions with accurate security information not managing a tool not not running a technology right we want we us interpreting the security information to help make business decisions with it and so I think what will happen is it will actually help um evolve the careers of our cyber professionals faster if you talk to most people in cyber security they don't like the mundane tasks they don't like managing the tool they want to be doing the offensive stuff hunting in people's environment and they want to be advising the business they want to be in front of their their company's mergers and Acquisitions team and helping to vet the company they're looking at acquiring based on their security protocols to see how hard it is or isn't going to be to roll them in the daily operations I mean there's so much value in the data that a security team gets access to they could really be better advisers to the business and AI is going to make us require less of our time to be spent managing a tool and making sure it works it's like having a sports car and it's just sitting cinder blocks in your garage leaking oil that's no fun I'd rather be out driving the sports car and so we want them to drive the car instead of constantly be working on it in the garage\n"