Most individuals know the story of Paul Bunyan. A large lumberjack, a trusted axe, and a problem from a machine that promised to outpace him. Paul doubled down on his outdated means of working, swung more durable, and nonetheless misplaced by 1 / 4 inch. His mistake was not shedding the competition. His mistake was assuming that effort alone might outmatch a brand new type of software.
Safety professionals are going through an identical second. AI is our fashionable steam-powered noticed. It’s quicker in some areas, unfamiliar in others, and it challenges quite a lot of long-standing habits. The intuition is to guard what we all know as a substitute of studying what the brand new software can really do. But when we comply with Paul’s method, we’ll discover ourselves on the improper facet of a shift that’s already underway. The suitable transfer is to study the software, perceive its capabilities, and leverage it for outcomes that make your job simpler.
AI’s Function in Each day Cybersecurity Work
AI is now embedded in nearly each safety product we contact. Endpoint safety platforms, mail filtering programs, SIEMs, vulnerability scanners, intrusion detection instruments, ticketing programs, and even patch administration platforms promote some type of “clever” decision-making. The problem is that almost all of this intelligence lives behind a curtain. Distributors shield their fashions as proprietary IP, so safety groups solely see the output.
This implies fashions are silently making danger choices in environments the place people nonetheless carry accountability. These choices come from statistical reasoning, not an understanding of your group, its individuals, or its operational priorities. You can not examine an opaque mannequin, and you can’t depend on it to seize nuance or intent.
That’s the reason safety professionals ought to construct or tune their very own AI-assisted workflows. The purpose is to not rebuild industrial instruments. The purpose is to counterbalance blind spots by constructing capabilities you management. Once you design a small AI utility, you identify what information it learns from, what it considers dangerous, and the way it ought to behave. You regain affect over the logic shaping your setting.
Eradicating Friction and Elevating Velocity
A big portion of safety work is translational. Anybody who has written complicated JQ filters, SQL queries, or common expressions simply to tug a small piece of knowledge from logs is aware of how a lot time that translation step can eat. These steps decelerate investigations not as a result of they’re troublesome, however as a result of they interrupt your stream of thought.
AI can take away a lot of that translation burden. For instance, I’ve been writing small instruments that put AI on the entrance finish and a question language on the again finish. As a substitute of writing the question myself, I can ask for what I need in plain English, and the AI generates the proper syntax to extract it. It turns into a human-to-computer translator that lets me deal with what I’m attempting to research fairly than the mechanics of the question language.
In apply, this permits me to:
- Pull the logs related to a particular incident with out writing the JQ myself
- Extract the info I would like utilizing AI-generated SQL or regex syntax
- Construct small, AI-assisted utilities that automate these repetitive question steps
When AI handles the repetitive translation and filtration steps, safety groups can direct their consideration towards higher-order reasoning — the a part of the job that really strikes investigations ahead.
It’s also essential to do not forget that whereas AI can retailer extra info than people, efficient safety isn’t about figuring out every little thing. It’s about figuring out the best way to apply what issues within the context of a company’s mission and danger tolerance. AI will make choices which are mathematically sound however contextually improper. It’ll approximate nuance, however it can’t actually perceive it. It could actually simulate ethics, however it can’t really feel accountability for an final result. Statistical reasoning isn’t ethical reasoning, and it by no means can be.
Our price throughout offensive, defensive, and investigative roles isn’t in memorizing info. It’s in making use of judgment, understanding nuance, and directing instruments towards the appropriate outcomes. AI enhances what we do, however the choices nonetheless relaxation with us.
How Safety Professionals Can Start: Expertise to Develop Now
A lot of as we speak’s AI work occurs in Python, and for a lot of safety practitioners it has historically felt like a barrier. AI modifications that dynamic. You possibly can specific your intent in plain English and have the mannequin produce many of the code. The mannequin will get you many of the means there. Your job is to shut the remaining hole with judgment and technical literacy.
That requires a baseline degree of fluency. You want sufficient Python to learn and refine what the mannequin generates. You want a working sense of how AI programs interpret inputs so you’ll be able to acknowledge when the logic drifts. And also you want a sensible understanding of core machine studying ideas so you understand what the software is doing beneath the floor, even in case you are not constructing full fashions your self.
With that basis, AI turns into a pressure multiplier. You possibly can construct focused utilities to investigate inner information, use language fashions to compress info that may take hours to course of manually, and automate the routine steps that decelerate investigations, offensive testing, and forensic workflows.
Listed below are concrete methods to start out creating these capabilities:
- Begin with a software audit: Map the place AI already operates in your setting and perceive what choices it’s making by default.
- Interact actively along with your AI programs: Don’t deal with outputs as last. Feed fashions higher information, query their outcomes, and tune behaviors the place doable.
- Automate one weekly process: Choose a recurring workflow and use Python plus an AI mannequin to streamline a part of it. Small wins construct momentum.
- Construct mild ML literacy: Be taught the fundamentals of how fashions interpret directions, the place they break, and the best way to redirect them.
- Take part in group studying: Share what you construct, evaluate approaches, and study from others navigating the identical transition.
These habits compound over time. They flip AI from an opaque function inside another person’s product right into a functionality you perceive, direct, and use with confidence.
Be part of me For a Deeper Dive at SANS 2026
AI is altering how safety professionals work, however it doesn’t diminish the necessity for human judgment, creativity, and strategic pondering. Once you perceive the software and information it with intent, you turn out to be extra succesful, not much less obligatory.
I can be protecting this matter in larger element throughout my keynote session at SANS 2026. If you’d like sensible and actionable steering for strengthening your AI fluency throughout defensive, offensive, and investigative disciplines, I hope you will be a part of me within the room.
Register for SANS 2026 right here.
Be aware: This text was expertly authored by Mark Baggett, SANS Fellow.
Elevate your perspective with NextTech Information, the place innovation meets perception.
Uncover the most recent breakthroughs, get unique updates, and join with a world community of future-focused thinkers.
Unlock tomorrow’s traits as we speak: learn extra, subscribe to our publication, and turn out to be a part of the NextTech group at NextTech-news.com
