Cybersecurity professionals have invested time and energy into understanding and working with the security tools, protocols and tradecraft that protect and monitor the machines that drive business. Yet, this same machinery is rapidly becoming more efficient in securing itself.
And therein lies a paradox. We’re training the machines to gradually do security on their own — but by doing so, we’re reducing or changing the value humans bring to the equation. This leaves some professionals wondering how they can stay relevant.
With the widespread adoption of orchestration and automation platforms, we’re seeing an inevitable shift. Responsibility for certain data-heavy, high-volume, repeatable security tasks (for example, basic incident triage and remediation) are being transferred from the fallible human to the high-assurance machine.
As soon as 2020, Gartner reports, 15 percent of organizations will be using automation as part of normal security operations, up from 1 percent in 2017. Another recent study found that by 2030, as many as 375 million workers may need to switch occupational categories due to automation.
Some Cybersecurity Jobs Require Human Ingenuity
This movement is seeking to reduce the friction of human interference — and with good reason. As Oracle founder and CTO Larry Ellison said in 2017, “It can’t be our people against their computers — we’re gonna lose that war. It’s gotta be our computers versus their computers.”
As we ride this wave of increasing automation, where does this leave the human in the cybersecurity discipline? As machines become more capable, what jobs and skills remain uniquely human?
Let me be clear: There will be a lot of opportunity left for humans for decades to come. Because cybersecurity is a game of agility and ingenuity, we need fresh ideas. Humans generate those. Machines can’t.
Sample jobs that will continue to need a human touch might include strategy-oriented positions: people who can analyze how an agency is changing and imagine a new cybersecurity strategy for it, or threat analysts who hunt through complex data stores to connect the dots about what an adversary is seeking to do in an environment.
A focus on architecture requires someone who can create original ways to deploy security infrastructure for maximum impact and efficiency. Separately, transformation managers guide investment prioritization, align projects and capabilities, and ensure proper resourcing is in place.
Machines aren’t replacing humans in cybersecurity, but rather displacing them — pushing them to evolve their skills and take on jobs that serve as important enablers to the machines.
MORE FROM FEDTECH: Find out how the government plans to reskill workers for cybersecurity roles.
Humans Need Timeless, 'Soft' Cybersecurity Skills
What’s special about the jobs listed above is that they’re not machine-driven. While machines might support them, these jobs rely on innately human skills centered on the “four C’s”: critical thinking, communication, collaboration and creativity. These are the skills that change hearts and minds, inspire a following, devise compelling technical solutions and — ultimately — change the world.
The four C’s are timeless skills that don’t get nearly enough attention in the cybersecurity field, either on the job or in formal education forums. Cyberprofessionals moving up the ladder or simply seeking to exert more influence will find these are make-or-break skills that can propel them forward.
Those with extraordinary cyber career aspirations should think hard about the skills they’re developing. Don’t just develop the hot technical skills of today; build specific skills that will endure as well.
Senior executives, midlevel security operations center analysts and aspiring high school students alike need to know that investing in these skills could mean the difference between having an amazing professional experience and losing out to a machine.