There’s still a place for the human touch.
AI is driving the future of cybersecurity, but even with all the innovations the technology is introducing, the framework of existing, human-driven security remains necessary.
At RSAC, the April tech conference in San Francisco that brings together security experts from around the world, IT Brew attended a roundtable featuring leaders from Accenture, Nvidia, and CyberArk. During the conversation, and in discussions following the panel, we learned about how these cybersecurity trendsetters are looking at the role of AI in the industry.
Nvidia CSO David Reber said during the panel that while the tech was evolving fast, human control is still important—even as we talk in terms of petabytes.
“AI is just software, data is just software,” Reber said. “However, it’s a size and scale that we’ve not had to comprehend before, so your typical cyber solutions, it’s an upgrade.”
More data doesn’t mean less human involvement. The scale means that there’s more space between where human controls are put in place—they’re still necessary, just diffused. It’s making for an exciting time in the industry, CyberArk CEO Matt Cohen told the panel audience.
“When I thought this industry was plateauing and getting boring, AI came and it was really exciting,” Cohen said.
Control means taking AI frameworks and secure infrastructure and data and managing their security from a human standpoint. Managing those workloads, Cohen said, may tend toward agentic AI and containers in order to approach the scale and time horizon of the tech’s change to workflows.
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
“As we evolve and as organizations take their pages from those concepts and actual production use, I think we’re going to see what assumptions we have to change,” Cohen said.
Follow up. Ultimately, the goal is for AI to be able to take high-level concepts and reproduce them as code, Reber told IT Brew in a later interview. Data can be executable code—all it needs is the right inputs and data.
“I’m able to use a natural human language and it will then turn it into executable code, and then action,” Reber said.
Elsewhere at the show, we talked to RSA CEO Rohit Ghai, who told us that AI is changing the game for security—but that the basics around identity access management and other aspects of the security posture remain set in stone and subject to human oversight.
“The good guys can use AI to deliver identity security posture management by analyzing and showcasing instances of under or unused credentials,” Ghai said. “A typical user, they only use 10%, 15% of their entitlements. The rest of the 85% is ripe for the taking.”