RSA Conference 2023: Infosec and identity pros need AI — but it will change their jobs

Information security pros and vendors will need to master artificial intelligence (AI) to fight threat actors who are already leveraging it, the annual RSA Conference in San Francisco has been told.

“Without good AI, zero trust has zero chance,” RSA chief executive Rohit Ghai said in the conference’s opening keynote on Monday. “Without good AI, bad AI will take us for a ride.” And, he added, “without AI’s help, identity [verification] is a sitting duck.”

Photo of RSA chief executive Rohit Ghai at RSA Conference 2023
RSA chief executive Rohit Ghai during his keynote at RSA Conference 2023

Identity, he noted, is the most targeted part of an organization’s IT surface. AI can sniff out sophisticated and relentless phishing campaigns launched by bad AI, he argued. AI is needed to manage millions of access entitlement relationships that can change every second. AI can recognize over-provisioned accounts and flag suspicious privilege escalation.

But, he warned, AI will also change the nature of cybersecurity and identity management jobs. Many cybersecurity companies announcing AI products call them “co-pilots,” meaning humans will do the same jobs they’ve been doing for years but assisted by AI solutions.

“The co-pilot description sugar-coats a scary truth,” warned Ghai: “Over time we must expect that many [cybersecurity] jobs will disappear, many will change, and some will be created.”

This is OK, he said, in part because there is a shortage of cybersecurity talent. “We may remain in the cockpit for a little bit longer,” he added, “but we will need to work differently” in an AI-powered world.

“AI will make the easier decisions and automate most identity workflows. Humans will supervise the more impactful decisions and handle exceptions. Eventually, when we exit the cockpit we will have important roles like training, supervising, regulating, ethics and monitoring AI for air traffic control and designing flight plans.

“AI learns from the questions we ask it. We will train AI by asking well-specified thoughtful questions. We will invent new AI models and algorithms. We will cleanse and label the data that fuels AI.

“As we have learned with every new technology, AI will be a target for the adversary. Good AI will protect cyberspace, and we, the humans of identity will protect AI. We will innovate to prevent jailbreaking of good AI. We will deliver solutions to prevent data poisoning and prompt injections to ensure good AI remains aligned with our objectives.”

But, he added, “to prepare for this AI-powered world, we must confront our identity [management] crisis head-on. We need to re-imagine our role and our place in identity.”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now