AI is changing the way we work. How can cyber security students and professionals learn the skills required to defend these Artificial Intelligence systems?

Cybersecurity professionals and technology have had the same relationship for decades: A new technology emerges, the infosec community explores, pushes, breaks, and ultimately helps harden it. Artificial Intelligence is no different. Seemingly overnight, websites, applications, and devices seem to have incorporated AI in some form or fashion, citing innovation and reduced operating costs, and largely ignoring security implications.

For cybersecurity professionals, learning about AI systems is a two-fold responsibility. First, we must ensure that we understand the threats to these systems. But equally important, we must address the threats posed by these systems — specifically by their intentional and accidental misuse.

Here’s our guide to navigating the world of AI for cybersecurity professionals, complete with credentials, courses, and case studies.

Navigating AI for Cyber Security Professionals — Doing Your Homework

• Start by learning the language of AI.

  • Lifehacker’s AI Glossary is a very straightforward place to start.

  • Once you’re done with that, the folks at Andreesen Horowitz also have their own list of slightly different AI terms.

  • Moveworks glossary is even more detailed and has an easy to navigate interface, complete with an entertaining introductory video.

  • And lastly, the list of terms from Expert.AI is among the most comprehensive we’ve come across so far. Its worth noting that each of these lists is geared towards different audiences, and the inclusion or exclusion of certain terms reflects that.

• You’ve probably used tools like ChatGPT to help with research, writing, planning or other tasks, but are you prompting efficiently and effectively? This free course from LearnPrompting teaches you the best practices when it comes to communicating with AI. You can even test your skills on their HackAPrompt Playground.
  

• Next up, review the OWASP Machine Learning Security Top 10, and learn about threats such as input manipulation and model inversion attacks.
  

• Known for their ATT&CK framework, MITRE recently released ATLAS — Adversarial Threat Landscape for Artificial-Intelligence Systems — in an attempt to ‘raise awareness of the rapidly evolving vulnerabilities of Al-enabled systems’. Review the framework to deepen your understanding of AI threats.

• While we’re on the topic, NIST also released a Risk Management framework, specifically for AI. So did Google.
  

• Its time to take a course.

  • Check out the free Artificial Intelligence Fundamentals course from IBM via Skillsbuild, and earn a certificate of completion. They also have a Generative AI for Cybersecurity Professionals course, available on Coursera.

  • Additional free course are available via Securiti, including AI Security and Governance and Databricks: Generative AI Fundamentals

• If you’re looking to learn about programming with AI, TCM Security has you covered.

• PortSwigger has updated their free Burpsuite labs and coursework to include LLM attacks, available in their Web Security Academy.

• Speaking of credentials, if you’re looking to bring your resume into the age of AI, ISACA has their own AI Fundamentals Certificate. Other certification providers such as CompTIA, ISC2, and others will undoubtedly follow suit as the interest and demand for AI credentialing grows.

• Proofpoint’s free ebook: Cybersecurity’s AI Tidal Wave does a good job distinguishing hype from reality, and fact from fiction.

• Lastly, its worth learning about how companies are using AI tools for security and how AI-Security companies are changing the way we approach the challenges in various domains of infosec.

  • Take a look at Red Hat’s 4 use cases for AI in cybersecurity

  • Read about why Dennis Fisher thinks AI is Software Problem

  We’d love to know: How are you keeping up with the evolving AI landscape? Join the conversation