Freely subscribe to our NEWSLETTER

Generative AI will drive self-service security, and help to alleviate the cyber talent shortage

Historically, security has been considered a highly specialised and technical profession. As a result, security teams in enterprises have borne the burden of keeping the organisation safe, alongside attempts to encourage involvement from technology users and staff to also take ownership by staying vigilant to help thwart phishing attacks and other scams.

Generative AI will change this in 2024, initiating a drive towards self-service cybersecurity. This technology will commoditise and democratise security by providing Natural Language Processing-based tools to enable employees to identify fraudulent activity independently and accurately, to effectively escalate to infosecurity teams as appropriate. Likewise, infosecurity teams will have at their disposal capabilities that automate time and resource-intensive processes across the cybersecurity spectrum. All this combined will make a marked stride in helping to alleviate the global cyber talent shortage.

Security governance expertise at the board level will become a priority

The world has reached a tipping point where need for continuous alignment of cybersecurity, business strategy and operation is indispensable. With the adoption of generative AI as a business tool, in addition to cybersecurity attacks, the risk of intellectual property and commercial data loss grows exponentially. The risk of breaching industry regulations such as HIPPA, GDPR and a host of similar country-specific data protection legislations is greatly increased too. ’Named’ expertise in and responsibility for active security governance at the board level will become a strategic priority.

Development of quantum-resistant cryptography will gain momentum

With growth in quantum computing, the cryptographic algorithms widely used to protect digital information appear to be falling short in their effectiveness. New quantum-resistant cryptographic algorithms are needed to protect against quantum computer-based attacks. Developing these algorithms will require planning, will take time, but the process will start in earnest in 2024. Organisations such as NIST and ENISA have already initiated this effort. Security developers will need to actively ensure that their software includes the latest cryptographic libraries as lagging behind in updating solutions will have serious implication for their customers.

Investment in security will see an upsurge to reflect generative AI

As much as AI is a tool that will help to make strides in strengthening cybersecurity defenses, it is also technique that is being widely deployed by threat actors to breach those safeguards with success. Following a period of relatively stationary budgets, enterprises will increase spending in security, investing especially in generative AI-based products, services and cybersecurity skills.

Whilst skills gap in the industry is a longstanding challenge, with the introduction of generative AI security products and the resultant growth of self-service solutions and demoncratisation of security, enterprises will revisit, both their cyber strategy and the type and level of skills needed for the future.