If your organization starts using generative AI for security ops (like threat hunting or incident response), does that impact how you think about your team's roles/responsibilities? Would you expect to need fewer staff for SecOps, or even more? More or fewer high-skilled employees?

2.7k views1 Upvote3 Comments

Sort by:

CIO in Telecommunication2 years ago

I'd argue it's relatively unchanged. As the industry continues to consolidate tools and automate security functions, the threat actors are also innovating and using the same tools against you. In my experience we are simply shifting resources from older, but still necessary, security tools as they mature into newer threat defenses.

Chief Information Security Officer in Healthcare and Biotech2 years ago

Yes. It will be concerning; if the employees are not trained enough. I would be limit this services till the time we don't identify the potential risks.

Information and Security Office & Enterprise Data Governance/AI in Finance (non-banking)2 years ago

In short, 'yes', as we leverage AI for security ops the role of first-level soc analyst becomes redundant. Basic questions that first-level analyst performs such as reviewing the logs and creating events/alerts, can be automated based on prompt questions that can be responded to by the LLM model or ChatBot AI functionality. Even if you pay extra for the capability, the human expense is reduced.
I am not saying it today, but that is how we see it in the next 12 to 18 months as the features mature.

Content you might like

Is your team entirely located in the same time zone?

Yes46%

No53%

How prepared is your organization for the retirement of older IT employees and knowledge transfer to younger generations?

We're very prepared, we have solid plans in place20%

We're on track, but room for improvement69%

We're not prepared8%

Our IT org won't feel a major retirement impact1%

View Results

Which cybersecurity metrics do you currently use with your board?

What do you do to recover quickly from early missteps in a new role? How can you keep initial mistakes from coloring perceptions when you’re still trying to establish your reputation at a new organization?

Have you used or evaluated any AI-driven SOC platforms? Do you think there are sufficient advantages to using an AI SOC analyst at this stage, or are you in ‘wait-and-see’ mode until solutions like this mature?

If your organization starts using generative AI for security ops (like threat hunting or incident response), does that impact how you think about your team's roles/responsibilities? Would you expect to need fewer staff for SecOps, or even more? More or fewer high-skilled employees?

Sort by:

Content you might like

Is your team entirely located in the same time zone?

How prepared is your organization for the retirement of older IT employees and knowledge transfer to younger generations?

Which cybersecurity metrics do you currently use with your board?

What do you do to recover quickly from early missteps in a new role? How can you keep initial mistakes from coloring perceptions when you’re still trying to establish your reputation at a new organization?

Have you used or evaluated any AI-driven SOC platforms? Do you think there are sufficient advantages to using an AI SOC analyst at this stage, or are you in ‘wait-and-see’ mode until solutions like this mature?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go