Since the floodgates opened in November 2022 (at the arrival of ChatGPT), there has been one question on everyone’s mind: Is AI going to take my job?
While the answers range from yes to no to maybe, there are ways to ride the AI wave without being subsumed by it. The way skilled professionals will do that, especially within cybersecurity, all depends on how well they know the industry—and how well they understand the value of their place in it.
This blog will focus on the mixed opportunities of AI in the cybersecurity field and the undoable changes it has produced. Given this landscape, it will also review how cybersecurity experts can navigate the altered terrain to come out on top and with their professions still intact.
To do this, however, may require a change in perspective.
How Can Professionals Adapt to AI’s Impact on Cybersecurity?
First, we need to understand what AI does well and where it falls short. AI offers opportunities for rapid inspection and discovery of vulnerabilities and their exploitation. It is very good at analyzing large datasets for patterns, anomalies, and accelerating the vulnerability management process.
On the flip side, it is also opening up holes in software that more deliberate development activities would have closed. The confidence and style in which AI delivers error-prone code and answers can fool a user into trusting the output instead of treating it for what it is: untrusted data.
And this is where humans come in. Cybersecurity professionals must become adept at both using the technology for what it is good at as well as being able to rapidly discover and correct when AI has gone wildly (or subtly) off the rails.
Therefore, cybersecurity experts who understand safe development practices and data integrity principles are needed now more than ever.
How Does the Choice of Industry Impact Cyber Job Prospects?
As AI and its concurrent developments change the landscape, this additional complexity leads to ever-evolving compliance standards and business needs. The key is finding a sector whose needs align with the skillset you choose to develop. For this, it helps to look at current trends.
The financial and health care industries are particularly highly regulated, for instance. Security is a requirement, and demonstrating adherence to controls is a business-critical function. Other sectors may be less regulated but have different risks and business needs, such as reputational risk or privacy concerns.
Rather than sector, though, I would advise that a person look for the type of work that they enjoy and can sustain – an auditor or SOC analyst will have different types of day-to-day activities and demands than someone on a red team.
Similarly, with compensation, money is only one factor; industry, culture, environment, opportunities for advancement, even stability are all part of the equation. Know what you value, what you enjoy, and how you can best contribute, then find a place where those things work for you.
Which Cyber Skills Will Be in Demand for the Next 5 Years?
Specific industry focuses aside, some cybersecurity skills are universal and will broadly apply to any sector in the coming years.
Security is fundamentally a creative problem-solving exercise that seeks to minimize risk and enable business outcomes. While there is a degree of technical acumen required for specific skills and knowledge, what I would look for is a combination of domain expertise and understanding of how to safely achieve business outcomes. Without this second piece, cybersecurity professionals who are purely knowledgeable will lose relevance.
Certifications, for example, can serve a purpose in focusing areas of study, but they often fail to prove mastery of a given subject area. The social aspects of security are critical because often we need to be able to weigh the tradeoffs between security, usability, and speed. That requires negotiation, building allies, and an understanding of what the business is trying to achieve.
For this reason, cyber professionals in this new era cannot afford to be one-trick ponies. Instead, they need to grasp the big picture as well as the technical understanding—and be able to communicate where those two intersect.
How Can Cyber Professionals Future-Proof Their Careers?
The simple answer? Demonstrate success. And realize that cybersecurity success is inseparably tied to the success of the business.
Be able to clearly articulate what the security outcomes you want to achieve are, know how to measure them, and demonstrate the value of those outcomes. Being skilled technically is only part of the equation; using those skills to help the business reduce risk, go faster safely, or otherwise contribute to doing things better is immensely helpful.
When we have a consultative approach and can contribute to moving the business forward and not just adding elements of friction, we become a valuable partner and someone the business wants and continues to invite to the table.
The Takeaway
In a world where AI is rewriting the cybersecurity playbook, the professionals who will thrive are those who combine technical expertise with adaptability, creativity, and business acumen. Future-proofing in cybersecurity isn’t about chasing every new certification—it’s about becoming indispensable as a trusted partner in enabling secure growth.
Meet Our Thought Leaders
Fortra® subject matter experts share their real-world experiences, offer practical tips, and help organizations navigate the cyber threat landscape.
