Will Artificial Intelligence replace humans?

Generative AI, over the past few months, has shown the world some of the things that large language models (LLMs) are capable of. As a human it feels immensely powerful to craft a prompt and get a coherent result back in seconds. Our imagination immediately runs wild. What if I can … replace this human by ChatGPT? … let ChatGPT write phishing emails … create a fake copy of myself, my friend, or … my boss. I guess it is time to say that we need to hold our horses.

There is no doubt that recent experiments with LLMs are valuable and contribute to our progress as a society but they are not coming close to replacing humans any time soon.

One of the biggest problems we face today is that of abstraction. Under everything we claim to understand lie dozens, if not hundreds, of levels of a complex system that we do not believe is necessary to understand. Now, the paradox is of course that abstraction is extremely useful in conveying concepts to humans that are mere users. As an example: if I want to fly from Brussels to New York, I do not need detailed knowledge about all the mechanics that get me, and my luggage hopefully, to the big apple. I get on the plane, behave, am nice to the border agent, and walk out of Newark airport about 7 hours after I left Brussels. What you won’t see me do, based on that limited understanding of what it takes to travel on an airplane, is claim that I could fly from Paris to Adelaide in one hour with 200kg of luggage. Even I know that my abstract level of understanding breaks under unreasonable expectations.

Noam Chomsky, undoubtedly one of the smartest people in our lifetime and a notable expert in the field of linguistics, has weighed in on ChatGPT and LLMs. As he observed, the fact remains that humans are profoundly unique in their ability to acquire a language and then use it to generate and communicate countless iterations of ideas with each other. LLMs, at their foundational level are mathematical models that look at language from a statistical perspective to become really good at predicting the next word in a sequence.

Does that make LLMs meritless? The answer there too is no. At spotit we have been involved in numerous AI projects, some of them involving LLMs, where the focus was primarily on using the technology to optimize SOC efficiency. Every SOC around the world is battling a deluge of data fed into its tools in real time. Making the right choices about which data goes where, creating alerts and determining which of those need to be prioritized, adding context to an alert to support the analyst in making the right triage, analysis, and response actions. All of those are challenges where AI and ML technologies show great promise and are, in fact, already helping in various ways.

In our SOC, we are always at the ready for the next attack. While we can classify and rank threat actors all day long, our biggest enemy doesn’t really execute malicious code, trick users, or exfiltrate data. Our biggest enemy is time. And that is exactly where AI and ML can help us massively. There are plenty of dream scenarios where we go to bed and software takes the wheel in battling cyber threats but that is not where its current value lies. Our focus is still on automating the collection and triage of contextual data to enable our analysts to make the right decisions as fast as possible. This allows us to minimize the time we spent on false positives, and it shortens the time potentially lost on finding out which assets are involved, where the attack is coming from, and what can possibly be the next step.

Everybody loves a good hype story and abstractions provide fertile ground for hype stories. In all of the turmoil we should remember two things. The first is that technology’s primary use is in enabling humans to work better and to connect in more meaningful ways. The second is that when walking through storms we are best served if we keep looking at our feet. This is exactly what we focus on too. We want to leverage technology to build better connections for our people and our customers and, in this constant storm of cyberattacks, we want to continue watching our feet.