The cybersecurity workforce is shifting -- AI agents are leading the charge
Digital threats are advancing in lockstep with positive innovation -- and they're more damaging than ever. Combating these emerging vectors requires a novel approach, with artificial intelligence and proactive threat detection at the helm.
Amazon.com Inc. is redefining security at the intersection of AI, physical safety and public-private collaboration. Its evolving strategy blends digital resilience with real-world safeguards to counter the speed and complexity of today's threat landscape
"A lot of people think about security, especially in a chief information security officer role as just that, information security," said Steve Schmidt (pictured), senior vice president and chief security officer at Amazon. "What they don't realize is that the physical world is as important. So, for example, if I can get physical access to your laptop, it really doesn't matter a whole lot what kind of digital security you've got going on there. You have to start at the physical layer and work up to the information layer."
Schmidt spoke with theCUBE's John Furrier and Scott Hebner at the AWS Summit Washington, DC event, during an exclusive broadcast on theCUBE, SiliconANGLE Media's livestreaming studio. They discussed Amazon's security posture as proactive, AI-driven and deeply integrated across both the physical and digital world. (* Disclosure below.)
Amazon is leveraging AI not just to automate tasks, but to actively defend systems, with AI agents harnessed to simulate both attackers and defenders. Defensive agents train protocols for proactive threat detection, generate digital signatures and respond in minutes -- far faster than traditional methods, according to Schmidt.
"We also build tools that are defenders -- their job is to identify the attacks and to extract from the attacks the signatures, which our systems can use to prevent access in the future," he said. "What we measure now is, instead of situations where it used to take days, weeks or months to build new signatures for attacks, these agents can do it in minutes -- and it's really transformative for our ability to defend systems."
While AI unlocks accuracy and expediency, a human in the loop is still critical for validating actions before deployment. Eventually, some agents could become fully autonomous in low-risk environments, but high-stakes systems will continue to require human oversight, Schmidt added.
"There is a material difference in how autonomous they can be based on the workload," he said. "For example, if I'm protecting your production website workload, I've got to be careful. Whereas if I'm protecting the toy box that I use to mess around with things, I can have a lot more automation that just does things because the cost of an error is so much lower."
Here's the complete video interview, part of SiliconANGLE's and theCUBE's coverage of the AWS Summit Washington, DC event: