Skip to Content

A Lack of Cybersecurity Talent Is Driving Companies to Use AI against Online Attacks

October 30, 2017

A shortage of humans to fight cybersecurity battles is causing companies to turn to machines.

As we reported last year, a large skills gap is causing hiring difficulties in the cybersecurity industry. According to the Information Systems Audit and Control Association, less than one in four candidates who apply for such positions is qualified. The organization predicts that the lack of qualified applicants will lead to a global shortage of two million cybersecurity professionals by 2019. On the other hand, criminals can commandeer thousands of computers to form a botnet that can then be used to launch attacks.

In response, some companies are now taking matters into their own hands and relying on artificial intelligence to take on the workload.

One such company is Booz Allen Hamilton, which is utilizing AI to more efficiently allocate human security resources. AI triages the firm’s threats so that workers can focus their efforts on only the most critical attacks.

Smaller companies that can’t afford to bring in large cybersecurity staffs are also gravitating to AI, using services provided by companies like Trustwave Holdings. As Trustwave told the Wall Street Journal, about 60 percent of companies it surveyed recently indicated that “half or fewer of their security staff have the specialized skills and training to address more complex security issues.” AI allows for a smaller number of employees to successfully fight back.

One particularly striking example is Daqri, a company that makes augmented-reality glasses for architecture and manufacturing (see “This Super-Fast 3-D Printer Is Powered by Holograms”). With 300 employees, one might think Daqri would have a whole team of cybersecurity analysts on hand to defend against attacks. Instead it has only one—the rest of its security is run by machine-learning algorithms that monitor feeds from over 1,200 of the company’s devices.

Deep Dive


Everything dies, including information

Digitization can help stem the tide of entropy, but it won’t stop it.

What’s next in cybersecurity

“When it comes to really cutting off ransomware from the source, I think we took a step back.”

Cyber resilience melds data security and protection

Organizations face pervasive and sophisticated cyberattacks, but modern data protection techniques can provide a multifaceted defense.

A new age of disaster recovery planning for SMEs

How cybersecurity threats have morphed, why SMEs need to plan for disaster recovery, and what they should do about it.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.