AI Hype Drives Demand For ML SecOps Skills

In a sign of the growing importance of assessing the risks of artificial language to corporate assets, organizations are increasingly looking for job candidates with skills in machine learning and large language models to fill cybersecurity jobs. In ISACA's 2024 State of Cybersecurity report, just under a quarter of respondents (24%) named LLM SecOps and ML SecOps as the biggest skill gaps they see in cybersecurity. Soft skills — communication, flexibility, and leadership — continue to be the biggest category of skills that cybersecurity professionals are missing, according to 51% of respondents.

Source: 2024 State of Cybersecurity, ISACA

Wanted: LLM, ML Skills

Both LLM SecOps and ML SecOps are fairly new skill sets, but, like the technologies they secure, they now seem to be everywhere.

MLSecOps is the discipline of integrating security into the development and deployment of machine learning systems. It covers ML-specific processes like securing the data used to train a model and preventing bias through transparency, as well as applying standard security operations tasks such as secure coding, threat modeling, security audits, and incident response to ML systems.

LLM SecOps refers to securing the entire lifecycle of LLMs, from data preparation to incident response. LLM SecOps covers concerns as varied as ethics reviews in the design phase, data sanitization of training data, analyzing why the system made the decisions it did during training, blocking the generation of harmful content, and monitoring the model once it is deployed.

There is a growing list of resources for security professionals to build up their skills. For ML SecOps, Benjamin Kereopa-Yorke, a a senior information security specialist and AI security researcher at telecommunications provider Telstra maintains a GitHub repository of resources and trainings, with courses categorized by prior ML knowledge required and classified as vendor-agnostic or vendor-centric. Open Worldwide Application Security Project (OWASP) has a draft Machine Learning Security Top Ten list describing how ML attacks such as data poisoning or member inference work and how to counter them. OWASP also maintains the OWASP Top Ten for LLMs, which covers topics relevant to LLM SecOps such as prompt injection, sensitive information disclosure, and model theft.

Organizations are looking for specific skills to fill open cybersecurity positions. After soft skills, cloud computing was the second biggest skill gap (42%), followed by security controls implementation (35%), and software development (28%).

With so much of the organization's workload now residing in the cloud, it makes sense that organizations need cybersecurity professionals with cloud computing skills. Securing cloud assets require a different mindset and technical skillset than traditional networking, and cloud providers handle certain tasks differently, requiring specialized knowledge.

Security controls implementation refers to protecting endpoints, networks, and applications. The skills gap in software development was not coding related, but rather things such as testing and deployment. Again, this highlights the challenges organizations are having securing their software development pipelines and integrations.