Cybersecurity is a growing concern for organizations as they sprint to bring AI into the enterprise.
Amid deployment efforts, AI security issues have surpassed ransomware for nearly one-third of security chiefs, according to Arctic Wolf data. The technology’s reliance on company data to create accurate results puts cybersecurity front and center.
In June, CIO Dive spoke with Mark Ryland, director of security at Amazon, about AI’s rapid rise, how executive concerns are evolving and the impacts the technology is having on cybersecurity defense.
Editor’s note: This interview has been edited for length and clarity.
INDUSTRY DIVE: What is it about these latest iterations of AI, be it generative or agentic, that makes it a greater security challenge in certain respects? Why are we seeing higher concern related to AI?
MARK RYLAND: The fact that these are non-deterministic systems that can give different results with the same input: That’s something that computer people have never been accustomed to. And the fact that people are just trying to apply these tools across a broad range of business problems is also a factor. We’ve seen hype cycles before, but this one is a little different. There is major transformation happening, for sure, and business transformations that will result from the use of this powerful technology that can use structure and unstructured data.
How has AI changed cybersecurity work for organizations? Where do you foresee it having its greatest impact?
It’s already having a big impact, starting with something very simple like human language queries of analytics tools. If I’m training a cybersecurity analyst, now they can just ask intelligent questions in human language and get very good results very efficiently. Another area that we see immediate benefit is contextual summarization. If there’s a security issue, a human files a ticket that says, “Hey, I think there’s something wrong here,” and now, an AI system can bring in an entire corpus of similar tickets that a human might not have been able to find with a text search. On the proactive security side, our AppSec team is using AI for better, automatic test generation. There are lots of benefits already that we’re seeing, and I feel like we’re just getting started.
How will the adoption of these technologies impact the cybersecurity sector workforce?
I think the desirable outcome, and the one that we’re working toward, is increasing the capacity of human experts to be much more efficient and do work that was difficult to do. At the same time, we don’t want to stop the process by which humans develop expertise and judgment in these areas. As an industry, we have to find a way to continue to train people, but at the same time recognize that the tools can do a lot of the work that they used to do. I think maintaining a goal of keeping human expertise at a high level is important.
How can organizations improve their cybersecurity posture as they adopt agentic AI?
What we were advocating for people to do is to continue to use deterministic checkpoints on an agentic system. If you use identity-based controls, you have the ability to lock things down – this identity can only access this set of data. Then, if an agent is running as that identity, you’ve now constrained the ability of the agent to do things that you don’t want it to do. Treat the agent itself as a human actor that can also make mistakes. “Human-in-the-loop” will also be important for a while. Human-supervised feedback can also become part of a model which then improves the accuracy of the agents.
Do you have any advice for how IT and security can work more collaboratively with each other?
You’ve got to make security just as much a part of the goals you’re trying to achieve as performance, costs or any other kind of criteria in an engineering effort. We’ve got to get to a point where the easiest path is a secure path, where software engineers are given an environment in which they write the business logic, but everything else is built right in for them. Another pattern that we’ve seen help is creating a cloud Center of Excellence, a joint skills team with the CTO, the CIO, CISO, all contributing experts can help engineering teams to modernize and onboard to cloud technology.
