Why AI Won’t Bail You Out of Complex Cybersecurity Problems

This month, PacketWatch CEO Chuck Matthews discusses how Artificial Intelligence can't solve some of cybersecurity's most pressing problems. Read on to hear his perspective.

It’s a challenge to listen to the news today without hearing someone expounding the virtues of artificial intelligence (AI) and how it will solve every problem mankind experiences, especially for the cybersecurity industry. AI is expressed as the panacea to eliminating the need for more technical staffing.

By the Numbers: CISOs are Betting on AI

According to a recent study of CISOs, 86 percent believe that generative AI will alleviate skills gaps and talent shortages that they presently have on the security team. They believe AI will somehow automatically detect and prevent all evil.

Well, maybe not, but 61 percent of CISOs say they will likely start leveraging AI in the next 12 months.

Complex Problems and Complicated Solutions

Cybersecurity is a complex problem and AI is a complicated solution. Placing all your hope on AI to solve the cybersecurity problem may lead to more frustration than success.

Recently, I listened to an interview of Arthur C. Brooks, a professor from the Harvard Business School describing some of his father’s wisdom on solving problems.

His father, an acclaimed mathematician, said that there are two kinds of problems in life: complicated problems and complex problems.

He went on to say complex problems cannot be solved by complicated solutions.

In this case, “complex” and “complicated” are not synonyms; they mean very different things.

Complicated problems, like designing a bridge over the Grand Canyon, can be solved with sufficient computational power and technology, while complex problems cannot.

Complex problems, such as convincing people that building such a bridge is worthwhile and somehow good for the environment, cannot be accurately simulated or solved. (For clarity, I am not advocating such a visual blight on a natural wonder.)

Many complex problems originate from interactions between human beings.

Cybersecurity is largely a function of human actions (e.g., to click or not to click) and is inherently complex.

If we apply Mr. Brook’s father’s axiom, complicated solutions, like computers, algorithms, and AI, should not be expected to solve complex cybersecurity problems alone. If we do, we will be disappointed.

The aforementioned solutions certainly play a role in automating repetitive tasks, performing correlations, and determining anomalies. Freeing humans to focus more proactively on the balance of the cybersecurity problem is worthy alone.

However, changing human behavior (a complex problem) is necessary to conquer the cybersecurity problem. AI cannot do that.

Conclusion: Don't Buy the AI Hype

So, don’t buy into all the hype about AI today. No doubt, one day, the news will be filled with dashed hopes of what AI should have done for cybersecurity. Instead, know that humans will always be the key to solving complex cybersecurity problems.  

We have an entire team ready to support you if you need help with your ongoing cybersecurity operations. Contact us for a free consultation.

Chuck Matthews is the CEO of PacketWatch, a US-based boutique cybersecurity firm focused on incident response, managed detection and response, forensics, and advisory services utilizing their proprietary network-based threat-hunting platform.