Upskilling for AI in cyber-security

James Walsh at Hays explains why understanding and adapting to the potential of AI is essential for today’s cyber-security professionals

 

Artificial Intelligence (AI) is arguably evolving at a faster rate than the regulations, skills and security necessary to adapt to, and take advantage of, these advancements in technology. However, rather than fear the threat of AI and accept defeat, professionals and employers who up their game and face AI with optimism and an enthusiasm to upskill will be in a much better position to tap into its potential. 

 

Although many employers feel as though they are caught up in an arms race with AI, businesses will benefit from responding in a rational and forward-thinking way, by building a strong workforce with the right skills to be able to grow and progress alongside the evolution of AI. 

 

Whilst the rapid rise of AI has exacerbated cyber-attacks in terms of volume and impact, it has also created an increase in demand for skilled cyber-security professionals who are attuned to the risks, as well as the rewards, of AI’s ongoing development.

 

According to our 2024 Global Cyber-Security Report, which received over 1,000 responses from CISOs and cyber-security leaders worldwide, nearly two thirds of respondents (63%) based in the UK say they are struggling to attract the right talent. The struggle for talent is predominantly due to the widespread skills shortages, paired with high salary expectations in today’s talent pool.

 

So, what can employers do to compete for talent in a tough market, so that they are armed with the necessary tools in today’s AI era? 

 

Invest in training and development 

There is undoubtedly a shortage of experienced cyber-security professionals, as more and more people struggle to keep their skills up to date, but employers can respond to this with the relevant strategies to create, rather than just consume, cyber-security talent.

 

In order to solve tomorrow’s challenges, developing a pipeline of cyber-security talent needs to become a priority today, by offering professionals appealing training and development opportunities. Investing in the professional development of staff is not only an effective way of attracting and retaining talent but also a vital method for keeping up with the ever-growing presence of AI. 

 

However, too many employers are missing a trick; our report reveals that almost two thirds (65%) of organisations do not have a cyber-talent development programme. Our research also found that just over half (56%) of organisations currently invest 5% or less of their cyber-security budget into talent development.

 

At present, we’re seeing many organisations failing to take responsibility for identifying and developing future talent, which is needed if companies are serious about closing their cyber-skills gaps. Organisations with a commitment to nurture the next generation of talent will stand out for the right reasons from a talent attraction and retention perspective.

 

As the capabilities of AI tools improve, the skills we possess also need to get stronger, so employers who invest in upskilling will undoubtedly be better equipped to adjust to new AI tools and technologies. When it comes to AI training specifically, over half of employers (53%) say they will have trained their cyber-security workforce to use AI tools within the next year. On the other hand, a quarter (25%) of organisations are not planning to train their workforce to use AI tools at all, and these are the businesses that will get left behind. 

 

AI: an opportunity not a threat

Although majority (86%) of employers say they are concerned about the potential risks of AI-based attacks on their organisation, 87% of employers also believe that AI will be useful in improving their cyber-security team’s capabilities. As such, it’s about finding a balance between proceeding with caution and vigilance in the face of AI and proactively working to unlock the benefits AI could bring to your business.  

 

Our research shows that organisations are split on whether AI tools will replace cyber-security professionals. Although almost half (47%) of employers don’t believe AI will impact headcount, two in ten (20%) believe AI will impact headcount in two years, followed by 18% who say AI will take its toll on cyber-security talent in one year.

 

However, as the risk of cyber-attacks increase along with the growing power of AI, skilled professionals will be in high demand so AI will also fundamentally support the creation of new jobs. 

 

Similarly, AI could be used to fight back against the bad actors, and more than half of employers (53%) claim they will have trained their cyber-security workforce to use AI tools within the next year. That being said, a quarter (25%) of organisations are not planning to train their workforce to use AI tools at all; employers who decide to go down this route will be confronted with many challenges. Failure to adopt these technologies, albeit in a cautious and safe way, could leave organisations playing catch-up to attackers who are quicker to explore and utilise vulnerabilities. 

 

A massive security risk

Ultimately, there’s no denying that AI presents a massive security risk for organisations and the risk of complex and sophisticated cyber-attacks is only set to rise. However, cyber-security employers and professionals alike have a responsibility to invest in their own training, development and upskilling in order to enhance their own capabilities and to stay resilient.

 

In a competitive market, where experienced cyber-security experts come at a premium, providing professionals with valuable opportunities to upskill and develop their career is essential for organisations. 

 

There is no shortage of desire to work and upskill in cyber-security, but the challenge is overcoming the constant perceived requirement for ‘ready-made’ talent. As AI tools could be implemented to support cyber-security professionals rather than replace them, upskilling and training on these technologies becomes an even greater priority.

 

It’s important for employers to facilitate an open dialogue about AI with their staff, to encourage transparency and an environment for professionals to learn and grow rather than dread the rise of AI.  

 

---

 

James Walsh is a Director at Hays UK&I specialising in cyber-security

 

Main image courtesy of iStockPhoto.com amd Adrian Vidal