The concept of treating artificial intelligence (AI) like a human is gaining traction in the cybersecurity industry, as it offers a new perspective on how AI tools can be utilized by professionals. Doug Kersten, Chief Information Security Officer (CISO) of Appfire, explores this approach in an interview with Help Net Security, highlighting the implications and benefits of this mindset shift.
By considering AI as a collaborative partner with human-like characteristics, cybersecurity teams are encouraged to approach its use with caution and awareness of its limitations. While AI presents innovative capabilities and transformative potential, it is not immune to errors or vulnerabilities, much like humans. This necessitates a more nuanced approach to AI security controls, focusing on ensuring accuracy and reliability in its outputs.
The evolving landscape of AI technology poses challenges for cybersecurity leaders, requiring them to adapt quickly and collaborate closely with various teams within an organization to align AI initiatives with strategic goals. Traditional security practices still apply, but they must evolve to accommodate the unique nature of AI and its user-driven but human-like behavior.
The principle of “trust, but verify” is essential in AI interaction, as blindly relying on AI-generated outputs can lead to security compromises and decision-making errors. Cybersecurity teams must scrutinize AI outputs, considering the data on which the AI models were trained and monitoring for potential adversarial manipulation that could compromise system integrity.
Effective human oversight of AI involves implementing policies, processes, and accountability structures to manage AI risks, measure performance indicators, and ensure ethical and accurate decision-making. Organizations must establish frameworks for prioritizing risk, monitoring AI systems, and continuously improving AI governance to keep pace with technological advancements.
In cases where an AI system makes a mistake or misjudgment, accountability lies with the teams responsible for creating and overseeing the AI tools. Collaboration between security, legal, and compliance teams is vital to establish governance structures that address accountability for AI-driven decisions and enable timely intervention in case of errors.
While AI technology continues to advance, the need for human oversight remains critical in ensuring accountability and ethical standards are upheld. AI is designed to complement human judgment, and the collaboration between humans and AI is likely to remain a cornerstone of cybersecurity practices. However, the future trajectory of AI technology is uncertain, and it is possible that AI may evolve to require less human oversight in certain applications.
Overall, the evolving relationship between AI and cybersecurity professionals highlights the importance of considering AI as a collaborative partner with human-like traits, necessitating a proactive and adaptive approach to leveraging AI tools in the ever-changing cybersecurity landscape.