AI has been the subject of a lot of hype in recent months, but one place where the hype is justified is cybersecurity. AI will completely remake the cybersecurity landscape — and create a lot of disruption in the process.
To cut to the chase before we get into the details: AI will make security worse before it makes it significantly better, but at the cost of a lot of jobs. Read on for the full implications of all this.
Security is the biggest challenge facing IT, and expect that to get worse in the near term. AI is likely to make hacks happen faster, whether that’s hacking training data so the model is skewed to make incorrect decisions, or the constant attacks on operating systems that threaten the core of our society. Whether it is Windows, Linux, or some other OS, hundreds if not thousands of people write code, people make mistakes, and operating interactions between various parts of the OS make it difficult to check all of the possible cases.
My hypothesis is that AI in the not too distant future will be used to evaluate operating systems and applications to improve security, and more and more code will be created by AI programs instead of humans. Initially, AI coding could create security issues, but over time, the machines will get better — Alphabet’s DeepMind lab and GitHub have already gotten started — and eventually they’ll surpass human abilities. Some eventually expect to see self-healing code.
The same goes for security. Hackers may gain an early advantage with AI, but as code and defenses adapt, it will be the machines that finally give us reliable cybersecurity. Security vendors have already started work with generative AI and large language models.
We are just at the start of this process of code generation and evaluation by AI. When — not if — this happens, it will have broad implications, both good and bad, for everything from our digital lives and personal data to millions of jobs. The disruption will be enormous, and we must prepare for it.
The Good News: Secure Code for All
There is a lot of good that will happen if AI can be secured and generate secure code for operating systems and applications, but the first step before that will be checking to see if the OS and application code written by humans is secure. We will see far fewer hacks as the vulnerabilities in code is slowly eliminated.
We may not be able to prevent people from infecting systems by clicking on malicious links, but that will likely be mitigated in a later phase when operating systems are rewritten to prevent this. I think that just like we are moving to application-specific processing today, we will have operating system interfaces that are specific to user needs, and the OSes will be able to dynamically modify and add features based on what the user needs that day, or maybe even in the moment.
All of this will help make the world a safer place and eliminate many of the hacks we see today, and many of those in the future too. What if your mail client could evaluate every single link, file, etc., and containerize it, evaluate the implications of that link or file, and determine if you can open it or not. Email gateways can do some of that today, but combine those defensive abilities with operating systems and applications that are secure and the threat of getting hacked is greatly diminished. There is still the issue of passwords and identity, but that’s an area that is seeing great progress now and will only get better.
With vastly fewer hacks, the world becomes a safer place for schools, hospitals, critical infrastructure, elections and governments, and hacking groups will need to look elsewhere, perhaps credit card and ATM skimming unless those see similar security improvements.
I’ve architected IT environments at the highest security levels, and what I see based on these early AI projects gives me hope; the whole dynamic will change compared to what is happening today. But with all good, there is a bad too, and the bad will be worldwide, for everyone and everything.
Also read: Security Analysts Using ChatGPT for Malicious Code Analysis, Predicting Threats
The Bad News: Massive Economic Disruption
The downside of AI advances will be catastrophic for many “safe” jobs like software engineers, security analysts and other white-collar jobs. Anything that can be intelligently automated will require far fewer employees.
The loss of these well-paying jobs will have a ripple effect throughout the global economy, as tax revenues and consumer spending will take a hit, hurting industries that depend on those revenue sources.
There are more than 4 million software engineering jobs in the U.S., and roughly 27 million around the world. Since the 1960s and maybe even the 1950s, a programmer’s job could be a lifetime career, but almost all the people that have chosen this career would have to do something else. I am not sure what that will be, but they will have to get retrained, and likely they will have to do the retraining themselves.
This isn’t any different than what happened to American manufacturing, but the effects there were devastating, as secure middle-class prospects for many disappeared. Sadly, I think programmers will experience this same fate.
But the implications are even broader than that. Our education system has been designed to turn out people who can write code for computer systems (firmware, operating systems, and applications), that can develop tests for that code and maintain that code (create release packages etc.). Our educational system does not know how to change quickly, but when these changes come, they will happen quickly.
All programming jobs won’t be immediately eliminated, as there are specialized cases that need development that will likely be retained until AI catches up. This is no different than what happened in the auto industry. The easiest tasks were eliminated first by robotics, and as the development of robotic equipment advanced more jobs were eliminated. Programming in the sciences such as physics and chemistry and likely firmware will take far longer to move to AI than will, say, Python coding or database programming, but the trend toward commoditization has likely already begun.
Also read: ChatGPT Security and Privacy Issues Remain in GPT-4
The Future Is Already Here
Throughout human history, progress has never been able to be stopped for any significant time. There have been setbacks such as the Dark Ages, but the Renaissance came and we exceeded knowledge from before significantly. Since the invention of the steam engine, more and more jobs have been eliminated, and the trends are moving faster and faster. We cannot pretend that living in the past while the rest of the world is moving forward is going to end well for any nation or region. We must embrace change and progress, and develop frameworks for people to be successful. This means retraining education on a global scale for the survival of humanity, as many people are going to be very angry, as we have seen when jobs are eliminated and people have no idea what to do next. This would be a very good time for our leaders to stop appealing to the past and start embracing the future.
See the Hottest Cybersecurity Startups