SAN FRANCISCO -- The internet has redefined connectedness, but it has also unleashed unprecedented threats to our...
society, Rami Rahim, CEO at Juniper Networks, told the audience at RSA 2018 in San Francisco this week.
The internet has empowered criminals with three unfair advantages, Rahim said: It has eliminated time, distance and identity constraints that are associated with traditional crimes. The speed and the ubiquity of the internet means an attack can happen without warning, from any location and with complete anonymity, he added.
As the internet continues to scale and thrive, now is the time to focus on preventing adversaries from exploiting these vulnerabilities, the Juniper CEO said.
"Our call to action today is simple and straightforward: We need to be agents of change … with the goal of evolving cybersecurity tools, technologies and processes," Rahim said during his keynote address at RSA 2018.
For these agents of change in IT, Rahim said the mission is twofold: It requires implementing automation in cybersecurity and developing the next generation of cybersecurity professionals.
Automation in cybersecurity
Humans simply cannot keep up with the threats associated with the scale and the velocity of data being processed every day, so it is imperative to continue to develop technology that improves and provides us with an effective "threat shield," Rahim said.
One of the most effective ways to stop threats is to understand the underlying behavior driving them. For example, it's important to fight malware that constantly evolves in order to evade traditional threat detection techniques, he said.
Rami RahimJuniper CEO
"That behavior analysis and the lessons gained from that, and the dissemination of intelligence worldwide in near real time, is one of the most compelling use cases for automation in our industry," Rahim said.
But for some in IT, automation has a bad connotation because of the misguided view that it has a negative effect on their jobs, he said.
Automation in cybersecurity is inevitable, however. As it continues to evolve, the collaboration between humans and machines becomes increasingly important, Rahim said. He envisions a future where humans and machines will interact in unique and compelling ways, he said.
"The goal is that the whole is greater than the sum of the parts," Rahim said.
The intelligence of machines, coupled with the wisdom and intuition of humans, can provide three compelling benefits, he said:
- retrospective analysis, or the ability to look back and understand what happened and why;
- current analysis, or the ability to eliminate threats early in the cyber kill chain; and
- predictive analysis that uses AI and data to predict and prevent an attack before it actually happens.
"This is the true power of AI: Artificial intelligence, coupled with rich data, gives us the ability to predict the future, to determine when a bad outcome is going to happen before it actually happens and before it can actually do harm," Rahim said.
Juniper CEO on the cybersecurity talent shortage
But as organizations lean into automation that emphasizes the working relationship between AI and humans, they must not lose sight of the importance of talent, Rahim reminded the audience at RSA 2018.
The proliferation of automated IT processes does not eliminate the need for human intelligence and human intuition, he said.
"As agents of change, our responsibility is to make sure that we develop the next generation of humans that can keep up with the challenges that we face," he said. "There is no amount of AI that can solve the problems holistically."
There will be two million unfilled cybersecurity jobs by 2019, Rahim said, so it's time to think outside of the box when looking at ways to solve the cybersecurity skills shortage problem, he said.
In addition to working with universities, startups and entrepreneurs to help train the next generation of cybersecurity professionals, Rahim pointed to a proposal by Michèle Flournoy, former U.S. undersecretary of defense for policy, to craft a program akin to ROTC to help create a pipeline of cybersecurity talent.
In the program Flournoy envisioned, students in computer science programs would compete for government-funded scholarships that would cover their university costs. In return, they would owe the government five years of service where they would be assigned to an agency. At the end of those five years, they could compete for a permanent job at those agencies or leave to pursue jobs in the private sector.
"The human element is the most essential element," Rahim said. "We must knock down the status quo; we must be agents of change."