Will I be replaced by AI?

By Mlytics SOC Engineers. Published in Mlytics, Jun 20, 2024.

Having worked in the Mlytics Security Operation Center (SOC) for a few years now, I’ve seen firsthand the intense vigilance and quick thinking required to keep cyber threats at bay. Picture this: our SOC room is filled with monitors displaying every aspect of a network’s security, like mission control for cyber defense. SOC engineers, including myself, are the unsung heroes, vigilantly guarding against cyber threats and ensuring the safety of valuable data.

As the buzz around AI grows louder, a question looms: could AI replace our roles as SOC engineers? It's a topic that's not just on my mind, but I believe it’s a shared concern. Let's delve into some intriguing points I've been pondering.

The Role of a SOC Engineer

SOC engineers play a crucial role in many organizations, including Mlytics. We monitor network traffic, identify anomalies, and respond to security incidents. At Mlytics, we use various tools to detect threats, analyze logs, and ensure that any potential vulnerabilities are patched. This demanding job requires a keen eye, quick thinking, and a deep understanding of cybersecurity.

At Mlytics, we SOC engineers are also responsible for managing security technologies, developing response strategies, and continuously improving security protocols. Our work is vital in protecting internal and external assets from the ever-evolving landscape of cyber threats. [1]

Enter Artificial Intelligence

Having seen AI’s potential, it’s fascinating to think about how it might reshape our work. I'm not going to lie: we in Mlytics SOC use AI every day now to keep up with the gigantic amount of information nowadays.

First off, AI is like the supercomputer from your favorite sci-fi movie. It can analyze massive amounts of data faster than any human ever could. For SOC operations, I think this means AI can detect patterns and anomalies in network traffic that might indicate a cyber threat. Imagine having an AI sidekick that never sleeps, never gets tired, and can process data at lightning speed. It sounds fantastic, right?

AI plays a crucial role in relieving SOC engineers of repetitive tasks that dominate their time, such as monitoring alerts and logs. By automating these routine activities, AI allows engineers to redirect their focus towards more intricate and strategic tasks. It operates akin to a robotic assistant handling mundane responsibilities, thereby enabling engineers to tackle more stimulating challenges. Within our SOC department, significant strides have already been made in automation. For instance, tasks like ticket creation in response to issues or requests, as well as mitigation strategies during DDoS attacks, have been successfully automated. By continuously feeding AI with monitoring data such as “Pulse” [2] and traffic patterns, we enhance its decision-making capabilities, ensuring more precise incident handling.

The Human Touch

While AI is incredibly powerful, for me, it is not infallible. It can analyze data and recognize patterns, but the human touch is something that you can’t replace. SOC engineers bring something unique to the table — intuition, experience, and the ability to think creatively. When a sophisticated cyber attack happens, the insight and judgment of a human engineer are invaluable. AI might flag a potential threat, but deciding the best course of action often requires a human brain.

Furthermore, cyber threats are constantly evolving. Hackers are always coming up with new tricks and techniques. SOC engineers need to stay ahead of the game, continuously learning and adapting. AI can assist with this, but it still relies on humans to teach it and fine-tune its capabilities.

The Future of SOC: AI and Human Collaboration

So, back to the question: will AI replace the SOC engineer? The answer is a bit nuanced. Even though several service providers are already trying to provide AI-based SOC, personally, I think it will not be able to replace SOC engineers 100 percent. AI will definitely change the way SOC engineers work. It will take over many routine tasks and enhance the threat detection capabilities, making the job more efficient and focused on strategic decision-making. However, based on my experience, the human element is still irreplaceable in this field. The combination of AI’s processing power and human intelligence creates a formidable defense against cyber threats.

In the future, we can expect a collaborative approach where AI and SOC engineers work hand in hand. By the way, we at Mlytics SOC are already starting and working on this initiative. AI handles the heavy lifting, processing vast amounts of data and identifying potential threats. Meanwhile, our SOC engineers use their expertise to interpret AI’s findings, make critical decisions, and respond to incidents with agility and precision.

What’s Next?

In conclusion, rather than replacing SOC engineers, AI is more likely to become their trusted partner. Think of it as a powerful tool in their arsenal, helping them to be even more effective in protecting our digital world. So, while AI will undoubtedly transform the SOC landscape, the heroes behind the monitors — the SOC engineers — will still be there, fighting the good fight.

So, how about you? What do you think? Will AI replace SOC engineers or your job? Or can we work together with the AI as an unstoppable team? Let me know your thoughts!

References

[1] Understanding the Service Scope of the Support Packages. (n.d.). Mlytics Help Center. Retrieved June 15, 2024, from https://help.mlytics.com/en/knowledge/understanding-the-service-scope-of-the-support-packages

[2] Mlytics. (n.d.). What is Pulse? Retrieved June 15, 2024, from https://help.mlytics.com/en/knowledge/what-is-pulse
