Recently, I was asked by a colleague, “How has Cyber Security changed in the past 5 years?” This is roughly the amount of time I have been in this field, and my answer was that the field has been absolutely decimated. My first thought was that the advent of LLMs such as ChatGPT is stealing jobs from knowledgeable, capable coders like myself and many others. But as I thought about it more, I realized that the problem is more profound than that.
Recently I watched a video from SmarterEveryDay (linked below), where he attempts to make a product purely in America.
This attempt led him down a rabbit hole of finding people to make the product locally and realizing there was a deficiency of people to design the needed parts. And, most importantly in my opinion:
The Over-Reliance on Someone or Something Else to Do Our Jobs for Us
As coders, Cyber Security professionals, or whatever flavor of this world you associate with best, from day one we are building algorithms and scripts to do a task for us. Vibe coding is a byproduct of this: we now have a tool that will build the algorithms and scripts for us. And most of the time this tool is better and more well thought out than what many of us (I would argue all of us) are capable of, and it can do it in 30 seconds. WHY NOT USE IT? Just as factory workers were affected by the automation of car manufacturing, we are now affected.
But as I said in the beginning, it is more than just LLMs.
I recently read a case study published in 2018 about the 2013 Target breach. One piece stood out to me in reference to this.
“Target also completed the implementation of a $1.6 million malware detection tool developed by the cybersecurity company FireEye in 2013”
“On November 30, 2013, security operations personnel in Bangalore, India, received a notification from their malware detection software that some potentially malicious activity was recorded on the network. The alert was shared with security personnel in Minneapolis, but no further action was taken. Another alert was raised on December 2, 2013, but again no action was taken.”
My class and I discussed this, and it boiled down to 2 main points:
There was an over-reliance on the malware tool to do its job.
The security team was overwhelmed by what is known as alert fatigue from the newly implemented software.
I’ve worked in IT for a few years now, and have fallen into this. You know and trust your system or automation, and then fail to realize the danger you might be falling into head first. Over-reliance on the tools we develop and use every day, instead of a full understanding of the systems at play, leads us into this same problem every time.
“A nervous pilot never dies”
This saying could mean a few different things, but mainly that when we are cautious of the environment we operate in, we naturally catch more. But the moment we become used to it, for instance 15 false alerts a minute, we become more and more likely to miss something malicious. AI is great here, and I feel obligated to mention that the advent of AI/ML is an incredible tool, something that can distinguish malicious activity from a false alert. This differs from LLMs: instead of finding the patterns and having programmed responses like ML does, LLMs only rewrite the tool entirely.
On top of this, when we develop something ourselves, most of us unconsciously use what’s known as the ADR (Action Design Research) method. This methodology of development represents a repeating, iterative design that focuses on pairing the artifact being developed with the organizational problem we are trying to solve. Automation of automation goes outside of this process entirely. The single person behind the chat becomes the organization and fails to understand or implement the full context of the problem.
If we sit back and let the LLMs do our jobs and trust that they have better knowledge than the team whose job it is to track these problems down, this is no better than shipping our blue-collar jobs overseas to China. Sure, it makes the problem cheaper, but we lose the ability to assure ourselves or our business that we are prepared if something new comes around the corner.
“There will always be a high demand for IT professionals”
Even in this post-LLM world.
“Keep typing” – Lazier
Citations:
Plachkinova, Miloslava and Maurer, Chris (2018) “Security Breach at Target,” Journal of Information Systems Education: Vol. 29: Iss. 1, 11-20.
Available at: https://aisel.aisnet.org/jise/vol29/iss1/7