Cybersecurity Plus Data Science: The Career Path of the Future?
Data science and cybersecurity, two of the most popular career paths, are on a collision course. The combination of these two skill sets will become highly sought-after in the next decade.
- By Troy Hiltbrand
- January 16, 2018
Mention the worldwide talent crunch to IT managers and they will likely nod their heads in agreement as they regale you with stories of the struggles they face every day to find the right talent. If you push further and ask what positions are the most difficult to fill, you will almost certainly hear "data science" and "cybersecurity." Employees with these skills are hard to find and even harder to retain, especially when you are looking for mature talent. What happens when the next generation of jobs will require not just one of these skills but a combination of the two?
Many cybersecurity tool providers have been in a frenzy adding data science capabilities to their cybersecurity platforms. This includes factoring behavior-based analytics and responses into antivirus suites, firewalls, and traffic analyzers to make their products smart. Artificial intelligence and data science can augment traditional cybersecurity, but there is another area just as important. It's still in its infancy: the application of cybersecurity to data science and artificial intelligence (AI).
As a practice, cybersecurity is maturing quickly with frameworks such as the NIST Cybersecurity Framework and the Federal Information Security Management Act (FISMA) to guide how best practices can be applied to computer networks and software engineering to protect an organization's assets. The challenge becomes how to secure the black-box algorithms -- products of data science programs -- that learn and grow dynamically.
Because these analytics models are so highly valuable to enterprises, cybersecurity professionals will need to determine standards and methods for protecting these models and ensuring their integrity. To do so, they will need to protect these assets from the outside in and the inside out.
Protection from the Outside In
Just as cybersecurity professionals are trained and skilled at managing the perimeter of the network, they must develop controls around the perimeter of the black-box algorithms that are autonomously making business decisions.
This includes two areas of focus. First, they need to protect the data being fed into the model. The adage of "garbage in, garbage out" is true, but what happens when it is not garbage that is fed into a model but rather strategically manipulated data intended to create a malicious outcome? The evaluation and assessment of the "goodness" of the data being input into the model is one front that a cybersecurity professional can protect from the outside in.
Second, they need to protect the model itself. Data scientists are often more scientists than they are software engineers. Their focus is on research and development and creating new, exciting algorithms and models that can have major business impact.
The problem is that once these models transition out of the lab and into a production environment, rigorous controls (such as version control and access controls) need to be layered on these models to ensure they aren't modified to create business problems. Knowing where a model came from and that it has not been maliciously altered will become the crusade of cybersecurity professionals worldwide as they protect the perimeter.
Protection from the Inside Out
Models labeled as AI are, by nature, learning algorithms and are bound in a certain degree of uncertainty. Often, the model does not generate a definitive answer but rather a statistically probable answer. The challenge is that as behavior evolves over time, the performance of these models will also change. Unlike traditional software engineering that can incorporate unit tests that pass or fail based on expected outputs given a set of inputs, measuring an artificial intelligence model can prove to be more troubling. However, it is still an important area for cybersecurity professionals to cover as they strive to protect the business.
One of the fundamentals of data science is the need to monitor a model's performance once deployed into production. Traditionally this has been a point of operational effectiveness so the data science team knows when the behavior has evolved past initial constraints and needs updating to accurately represent new business conditions.
In addition to this operational effectiveness reasoning, monitoring a model is one way to monitor that the inner workings of the model are functioning as planned. Anomalous divergence could indicate nefarious activity by entities with malintent. Cybersecurity professionals can catch trends in the model's output and performance and thus detect and prevent danger to the enterprise.
Another mechanism to protect these models from the inside out is to establish results thresholds. Regardless of the model outcome, if these thresholds are exceeded, the transaction can be put into a holding area until it can be reviewed for legitimacy. An example of this could be limits on stock trades associated with algorithmic trading. The model itself is generating decisions about when to trade, when to sell, and at what price. Ceiling or floor price thresholds (at which price a stock is sold) would prevent hackers from tampering with the model constraints in order to manipulate the stock market.
Whether cybersecurity on artificial intelligence is from the outside in or the inside out (or both), the convergence of cybersecurity and artificial intelligence is poised to be one of the hottest areas of IT growth in the coming years. With a talent crunch today for both cybersecurity and data science professionals, be aware that this up-and-coming job role of artificial intelligence cybersecurity is on the near-term horizon. Cross-train your teams now and set cybersecurity practices and AI controls early to stay ahead of the competition.
Troy Hiltbrand is the chief digital officer at Kyäni where he is responsible for digital strategy and transformation. You can reach the author at firstname.lastname@example.org.