AI isn’t replacing cybersecurity roles but it is changing them, and not always for the better, according to new research. A study from ISC2 found that 65% of cybersecurity professionals who use AI in their roles are spending time deciding when to trust or act on AI-generated recommendations. Nearly two-thirds (63%) said they often find themselves reviewing and validating AI outputs. While this is basic best practice from a safety perspective, these processes are wasting valuable time. Regardless, the influx of AI tools within the profession has been welcomed by practitioners, according to the study. More than half (53%) believe the technology is creating new entry-level opportunities, while 48% said AI makes them feel more optimistic about their long-term career prospects. “AI is not replacing cybersecurity professionals; it is changing what the profession requires of them,” said ISC2 CEO Scott Beale.“As AI takes on more repetitive tasks, as well as performing some complex cybersecurity analysis at speed and scale, cybersecurity roles are shifting toward higher-value work, from asking the right questions to validating findings, interpreting outputs and applying human judgment.” Beale noted that the use of AI is changing “how work is distributed across security teams”, meaning investment in areas such as governance, skills development, and validation practices is “essential”. Too much time fixing problemsWhile nearly half of cybersecurity professionals reported that AI has reduced workplace stress, 32% said it has made it worse. A key factor here lies in the aforementioned validation and reviewing practices, the study noted. Those experiencing higher levels of stress were significantly more likely to spend longer periods deciding when to trust AI-generated outputs and recommendations. When AI-recommended actions lead to incorrect outcomes – which nine out of ten said had happened – half of the participants said their organization holds human decision-makers ultimately accountable.Put simply, poor AI-related outcomes have a direct impact on wellbeing for cybersecurity practitioners when it’s their neck on the line. Confusion over accountability and ownership of AI also adds to stress, the study noted. Nearly a quarter (21%) of respondents said accountability of AI-related issues varies depending on the severity. Over-reliance is a worryOther top concerns cited by ISC2 included over-reliance on AI, a recurring worry not just for cyber professionals but workers across a range of industries. As ITPro reported in May, a study from GoTo warned over-reliance on the technology could erode key skills. Similar concerns have been highlighted in software development, particularly among entry-level workers entering the workforce. 62% of respondents identified this as a key concern in the ISC2 study while 56% also highlighted worries about reduced human judgement capabilities when it comes to business-critical decisions. Foundational cybersecurity skills remain essential, according to ISC2, especially with AI in the mix. Notably, nearly two-thirds (62%) said they don’t believe the technology has reduced the need for these skills, compared with just 26% who say it has.FOLLOW US ON SOCIAL MEDIA

Judge tosses another No Surprises lawsuit against HaloMD
It's the third recent legal victory in No Surprises lawsuits for billings intermediary HaloMD, which has also had suits dismissed in California and Texas.


