The Expert View: The Future of Network Security in the Age of AI

The convergence of network and security operations has become a talking point across the cybersecurity industry. At a recent TEISS dinner briefing at the House of Lords, sponsored by BT and Fortinet, security leaders explored the pros and cons of network-security convergence in a world where threats are growing more complex and artificial intelligence (AI) can act as both a threat vector and a defensive tool.

 

“We might be competitors but when it comes to cybersecurity we are all in this together,” Lee Stephens, Principal, Security Advisory Services, BT, told attendees – all senior security experts from a range of sectors.

 

That sense of shared responsibility shaped the evening’s discussion, which explored the limits of structural change and the need to align people, systems and incentives in a rapidly evolving threat landscape.

 

A familiar idea, newly urgent

Some participants began by pointing out that convergence isn’t new. Twenty years ago, many firms simply had a “network and security” team. But as organisations grew more complex, the functions split, often for good reason. Now, the pressures of today’s environment are bringing them back together.

 

One reason is technical: attackers rarely confine themselves to a single domain. Distraction techniques, such as diverting attention to one part of the network while exploiting another, are increasingly common, requiring coordination between teams that may not typically collaborate.

 

Another reason is historical. One attendee described having to take over network operations from colleagues who lacked the necessary security awareness. Others questioned whether networking had become “just plumbing” - a utility function that should fall under the security remit.

 

Still, not everyone saw a need for formal convergence. “I think teams should be kept separate,” said one guest, “but network operations should have security skills and security should have networking skills.” Several argued that the more pressing challenge isn’t organisational structure, but clarity over priorities and responsibilities. What are the organisation’s crown jewels? What threats are most relevant? And who is responsible for protecting what?

 

Security starts with understanding

Much of the conversation focused on communication, not between systems, but between people. The cybersecurity team, attendees agreed, is too often perceived as a blocker. That perception becomes especially risky in fast-moving areas such as AI, where workers in the business often experiment with tools like ChatGPT, even without official approval.

 

“If you lock it down,” one guest observed, “people will find a way around it.” Several participants described how employees had turned to personal devices or unmonitored applications to bypass internal restrictions. Better, they said, to offer approved alternatives and explain the reasoning behind any limitations.

 

Participants agreed that fear can be a motivator: demonstrating the consequences of poor security, for example, can focus minds. But this is often a short-term fix that is no substitute for long-term cultural change. Unless people believe in the logic of a policy, and trust those delivering it, they are unlikely to follow it.

 

In other words, sustained education is often more effective than reactive enforcement. “Eighty per cent of your budget should go on people,” said Adrian Brookes, Strategy and Technology Officer at Fortinet. “Twenty per cent on tech.”

 

AI’s growing role on both sides

That point is especially relevant given AI’s role in today’s security landscape. While staff are potentially skirting security processes to use generative AI tools, defenders are relying on AI to triage alerts, reduce false positives, and prioritise real threats.

 

BT, for example, has applied AI techniques for decades, long before the term became widespread. “We’ve used it to protect ourselves and our customers,” said Stephens, noting that automation allows human analysts to focus on higher-value work. “AI helps us scale our defences without losing sight of what matters.”

 

Still, the group was cautious about overstating AI’s potential. Any use of automation requires oversight, and a willingness to interrogate results.

 

Tools matter but relationships matter more

The discussion turned briefly to vendor strategy. Some organisations favour single-provider ecosystems, valuing simplicity and integration. Others prefer to assemble a mix of best-of-breed tools, tailoring solutions to specific needs.

 

Neither approach is without trade-offs. A single vendor means just one contract to sign and a clear line of support but can leave organisations dependent on a single partner. A multi-vendor environment increases complexity and the risk of coverage gaps but allows for greater flexibility.

 

BT’s approach, said Stephens, is to integrate compatible tools and manage them through a unifying platform layer. But whatever the configuration, attendees emphasised the importance of strong vendor relationships. As one participant put it: “What matters is whether your vendor will go the distance with you.”

 

The internal frontier

For all the technical challenges discussed, the most persistent theme was human. In many cases, the biggest obstacle isn’t the attacker. It’s the organisation itself.

 

“There’s plenty of threat activity to contend with,” said Stephens. “But often, the toughest battles are internal: getting people aligned and pulling in the same direction.”

 

Brookes agreed. “Everyone in the room understands that the role of the security team is changing,” he said. “The role of security is to enable the business, not just to say no.”

 

---

To learn more, please visit: www.bt.com & www.fortinet.com