Cybernomics Radio!

Market Watch - Will AI Replace Your Security Team? Hard Truths and Bold Predictions

Bruyning Media

Share episode

AI agents equipped with computer use capabilities will transform the cybersecurity landscape within the next year, shifting from augmenting to potentially replacing human SOC analysts with systems that can perform 100% alert triage. The investment landscape reflects this shift, with 78% of venture capital reportedly flowing into AI companies despite many firms simply adopting AI terminology without substantive implementation.

• Computer use abilities allowing AI to operate systems like humans will be the next major advancement
• Within 12 months, expert AI agents will function like "super employees" in security operations
• Ephemeral AI agents that complete specific tasks before dissolving enable unprecedented workforce elasticity
• Traditional valuation metrics based on headcount are becoming obsolete as AI reduces staffing requirements
• Companies running operations with 75%+ AI support can scale without proportional employee growth
• The MSSP community appears slow to adopt AI capabilities despite clear operational benefits
• AI systems will increasingly handle complete alert triage, potentially displacing human analysts
• Vendors typically avoid discussing workforce displacement, focusing instead on productivity gains
• Open-source AI innovations are accelerating development cycles across the industry

Innovations in AI security are happening rapidly. Follow the speakers on social media to stay updated - Randy Blasik (@BlasikRandy on Twitter and Compliance Aid on LinkedIn), Richard Stiennon (@Stiennon on Twitter and LinkedIn), and Josh Bruyning on LinkedIn.


Josh's LinkedIn

Speaker 1:

Welcome to another episode of Cybernomics. I'm your host, josh Bruning, and I'm here with Richard Steenan and a special guest, but I guess if you've been on the show more than twice, then I guess you're not a guest Now. You're just a co-host.

Speaker 1:

Randy Blasick, I've had so many interesting conversations with both of you offline.

Speaker 1:

I've known you for some time and, randy, you in the world of AI and agents with compliance, aid and the things you're doing in the AI realm.

Speaker 1:

I mean, you're like my go to person if I want to know what's going on with the LLMs, how it applies to solving problems in cyber, solving problems in general. It's great to do online what we do offline so often and, pairing that with Richard, just a comprehensive understanding of the cybersecurity vendor space, the marketplace when it comes to investments in AI. This is something that you were heavily invested in yourself, and so it's very interesting to put these two things together a broad market perspective, a broad understanding of the space that we occupy, but also an understanding of the technical aspects that might be driving some of the predictions that we've been talking about in days and weeks past. So let's start with Randy what is next for AI, and I'm not saying like in the distant future, but let's say in the next month. What are some of the things that you think will change, at least make some significant impact on the industry? Computer use.

Speaker 2:

So you've got Manus AI coming out of China. Openai Operator has been out now for a few months, if you look at their iteration cycle has been out now for a few months. If you look at their iteration cycle they're due for some computer use upgrades and if you look at the open source community, we're all getting into, you know, some more advanced computer use stuff.

Speaker 3:

By computer use you mean getting the agents to use your computer.

Speaker 2:

Yeah, like if you're a SaaS builder, I'm just going to build an agent to use your SaaS app and put you out of business, or, you know, with my agents, either from the inside or from the outside, got it Cool.

Speaker 1:

And when. You should know, Richard, when Randy talks about his agents, he's talking about his team. I mean, I joke, but sort of, but not really, that we're cyborgs and Randy really embodies this. Like when he's talking about his agents, they are an extension of him and I've never seen someone use agents in such an honest and effective way. Yeah, so when he says agents, it's like capital A agents. Let me paint the picture You're on the streets of San Francisco right now, so you know what's the word on the street when it comes to computer usage and sort of how the startup space is evolving and will evolve in the near term.

Speaker 3:

Yeah, if you're a startup and you don't have an AI, you don't have to say you are AI. That's kind of passe and people just roll their eyes when you say that. But if you're not leveraging AI, you know, then you're just not going to make it, period. Unless your startup is a consulting firm Great, you know, there's plenty of room for people to consult on helping with AI. Or somebody just reached out to me to tell me about their AI red teaming, where they, I guess, check to see if your AI applications are well configured, et cetera. Tons of opportunities like that.

Speaker 3:

But supposedly last year, 78% of all venture investment went into AI companies and those are the foundational model companies, right? Just because they took in so much money. So they're definitely sucking the dry powder is that what they call it out of the VC world that had all this money sitting around that they were too afraid to invest because Silicon Valley Bank failed and they just got scared and went home. But now they're coming out of the woodwork and, just like they did with the stupid blockchain stuff and some other stupid stuff network emission control you know all the things that have failed miserably over the years the DC community just jumps on. You know it's like. It seems like it's lower risk if everybody's doing it, which we all know is just the opposite of true.

Speaker 1:

Yeah.

Speaker 3:

So we're in that state right now. I imagine that RSA this week, um, that we will see AI messaging It'll be really hard to filter out. You know cause, if you think about it, companies like Darktrace right now part of Tomo Bravo. When they were founded, they made up a story about going to Cambridge hiring a bunch of PhDs and inventing AI for cybersecurity, and they say that constantly.

Speaker 3:

You can carefully use LinkedIn to search on titles and backgrounds of people who work at Darktrace. They have not a single AI person with a PhD or degree in AI. They now have three PhDs. One's a data scientist. I forget what the other one does a psychologist or something you know. It's just like what are you doing in AI if you don't have a model that you can train stuff on? And then how do you differentiate between the old machine learning guys who are just taking a whole bunch of data and curve fitting and doing Bayesian analysis on it and coming up with, you know, indicators or percentages that this is something you should look at versus dumping that data or bedding that data in a rag or, however, or literally training you know off the shelf model on the data and starting to use it for hunting, and I'm really anxious to hear Randy, because Randy's been in the seat of a SOC person Really interested to hear his perception of my.

Speaker 3:

Take that, yeah, I've talked to some brilliant people that really impressed me with their talk and their PowerPoints. Yeah, and even some demos. It's like wow, that's cool. It looks just like that thing just hunted down an alert and figured out what the root cause was and took remedial action. But it's just cool right now, even though after I published that Monday, a bunch of people reached out and said we're already there, man, we've got like.

Speaker 3:

All of our customers are Fortune 500 customers, which I assume are ones that are dipping their toe in and say, oh, let's give that a shot. You know, it's not expensive to try it, let's just do it. But my prediction is by the end of the year it will be real and you will, you know, be able to easily see the ROI in terms of, you know, displacing man hours. You know, one agent being able to work 24 by 7, by 365, is worth four or five people. They'll pay a lot for them if they can actually triage alerts and we're going to start seeing some of those companies talking about 100% triage. All you have to do is say that You're going to get the attention of any SOC manager. He's like we do 1% triage, right? We pay a lot of money for security analytics to tell us which 1% to triage.

Speaker 1:

Yeah, and Randy, I know you're enthusiastic about this 100% triage thing and I'm interested in your thoughts. And you know what is it. Is it possible in the near term? Is it possible at all? I mean, is it one of those things where you can get to 99.9999, but you're another touch 100%? Is it one of those kinds where you can get to 99.9999, but you're another touch 100%? Is it one of those kinds of things? What would that look like? Like? What's your prediction for the next year? So I'm bumping up the forecast from a month out to a year.

Speaker 2:

So this is what I see. I see, like I said, computer use systems where they essentially act like real humans, so like SOC analysts, network support folks. You know it's just like hiring one of them, except it happens with, like a signup form on a web-based app. Look at Manus AI as an example. It's going to be an expert in the domain you want it to work within.

Speaker 3:

It'll answer emails.

Speaker 2:

It'll work within your SOC. It'll triage alerts. It's just going to be a senior-level analyst with a laptop connected to all of your business apps. That'll happen, I think, in the next 12 months. Okay, Wow, and take a look at Microsoft Azure and Microsoft infrastructure, like Office 365, Windows 365, Google's Workspace right? So you've basically got the ability for these agents to hook into these advanced corporate tools via API or any other. You know interoperability technology. So you're going to have these like, basically, super employees in the next 12 months.

Speaker 3:

How does the concept of elasticity fit into that? So not only do you have one agent that you just paid for, but during times of crisis or whatever load, high load, all of a sudden you got 10 or 15.

Speaker 2:

That is a great question. So I created with our AI team, and I think other teams are doing this too. It's like an ephemeral AI agent. So these are basically agents where they are born to survive a certain task and then they disappear. That's how we save compute. So you're going to have these super intelligent static agents that live all the time. They've got like a deep memory.

Speaker 1:

I don't know. I don't want to go down the rabbit hole. I want to. I will restrain myself, but that is an interesting use. I mean, it's a, it's a. What is the simulation theory? If you can replicate the simulation you can, or if we can create simulations, and chances are we are in one. We are creating agents that decay and we create agents that are persistent based on their use, and one might argue that we are agents of the universe. But, like I said, that's great, I'll. I'll leave that to the philosophers.

Speaker 1:

Ok, so I want to talk about valuations a little bit, because I've you know, one of the things about the AI boom, especially in cybersecurity, is we're seeing odd valuation metrics, or at least odd criteria. So, looking at headcount you know, richard, this is something that we've talked about a lot AI has messed with headcount. So now you've got companies like Compliance Aid that are, like, over 75 percent run by AI, like running the operations that otherwise human employees would do. So what, what does that do for valuation? Do investors look at this and go, oh, they have a low headcount, or you know? Or Are they looking at purely just revenue? So like, yeah, smaller headcount, but revenue is at par with similar companies in the industry. So what do you think that would do to valuation estimates going forward?

Speaker 3:

Well, I think in theory, if you need fewer people to do the same work or you can do amazingly more work with just a core set of people, then the amount of money that needs to be raised is a lot lower. Because that's what you need money for, right, it's to hire people. And here I am with I've got six contract people, but I have yet to get to the point where I justify hiring somebody, right. So it takes venture funding to do that. You know it doesn't take very much venture funding to hire six people. That's a couple million and you're good to go and you can get to revenue. And then you might be all set. And you can get to revenue.

Speaker 3:

And then you might be all set and normally you'd say, well, that would reduce valuations, and yet that will actually increase valuations because the founders will not have to give away as much of the company. So they'll say, yeah, you know, we'll let you in for $2 million, but you only get, you know, 2%. We're a $100 million value company and venture capitalists are going to have to get used to that. You know it isn't a matter of oh, if I give you $100 million now, you can scale. It's like excuse me, see this knob over here. That's my scaling right. Oh, 10 times more people.

Speaker 2:

Yeah, it's just a Python script swarming agents in a data center, that's right.

Speaker 1:

That's right. Let's say it takes 30 hours to complete a task. If the AI is performing the task of 10 people, do you still charge the customer? Let's say what four or five people would have taken to do that. So you're basically paying for their use. They're paying you for using your AI, so it's not just your expertise, but you're paying the AI itself. Is that a fair model or does that make sense?

Speaker 3:

To me it's a starting model. It's where you think of obviously you want to charge a price that's equal to the value that you deliver. And the value will be the same, whether initially Right. You say 20 people work on it for three weeks, or here it is. It took four and a half minutes and it's. You know, the old saw about the plumber who comes in and taps a pipe and fixes the problem and charges $250. And you know he knew which part of the pipe to tap in a certain way. If you start that way, that's great and you'll get a lot of people who go yeah, that's great, and then you go, but wait a minute.

Speaker 3:

In the past you would have had to wait three months. Let's be serious here. It would take six months to do a project that big. And we're doing it. We're turning it around and putting a nice folder on it in an hour. You're doing it. You know we're turning it around and you know, putting a nice folder on it in an hour, you're getting it faster. That should be more value for you, so you should pay more for it.

Speaker 3:

And the only trouble is there's competition, and the competition, of course, is going to be oh, I'll just run the. You know I'll use the Manus or I'll use an internal model that we built, et cetera. So there will be competitive pressure that drives the price down dramatically, really fast. So you're going to have to be in a business like Anthropic and OpenAI are, where they're dropping the prices by 90% every six months and you're going to have to survive that A really good example.

Speaker 3:

So we, as you know, in January we launched a chatbot that happens to be populated with all the data we have on 4,000 companies and 11,000 cybersecurity products, and you know we made it available for free and you get to ask it 10 questions and we kept adding agentic things to it, right?

Speaker 3:

So first it queries Claude, then it queries Perplexity, and then it takes both answers, melds them together, goes back to Claude and says give us the result of these two things. So it costs $0.70 to do that and we're offering 10 free things to anybody who signs up over at harvestIQai. And we are seriously thinking of taking this down, because I discovered a use case that is worth hundreds of dollars every time you ask it a question. I'm not going to tell you what it is, because our competitors will start using our own product to do this and we're going to have to take down the free version because somebody's going to discover how valuable it is, and we may even have to take down the paid version, which we have two people subscribe to for $159 a month and I'm very grateful to them and they're getting value out of it. But if they knew the real value, they would totally abuse the system.

Speaker 1:

So do you think that AI is going to harm the human race in the next five years?

Speaker 3:

I believe, like any technology change, there will be dramatic harms that might be hard to discern at first. It can't be anywhere close to the harm that Instagram and social media has done to the world already. But I'm usually a naysayer, right, because a lot of people don't realize. But when the printed novel came out, you know, in about 1650, that was considered very, very harmful to be a person who read books, right, because you're trashing your mind. And that continued up until my childhood, where children were told to get their noses out of a book. Books were considered bad. Right, you should be outside breathing healthy air. So, and then, of course, same thing with Internet gaming, video games, all that stuff always are slapped with these labels of being destructive, and yet they also have benefits. So, and we're going to see the same thing with AI.

Speaker 3:

There's already people saying that it's creating lazy people because it's easier to ask AI than it is to do your own research or something like that. I think in the hands of inquisitive people it's the, you know, just a learning tsunami that everybody can learn what they need to know about any subject as quickly as possible. And then, oh my gosh, when I'm digging into something complicated and I just keep asking it to dumb it down, dumb it down, dumb it down until finally I get okay. Now I got it. Now let's go back and build up on that. It's going to change the human race, no question. But of course there'll be haves and have-nots because it's going to be expensive, right? So lots and lots of problems for sociologists to deal with.

Speaker 3:

Coming at us, the thing about AI. So there's a project called AI 2027, and it's a scenario planning thing where they make this ridiculous jump from super intelligent agents which is I'm good with that, I'm going with it. As a matter of fact, I think that's going to happen they make that jump to a misalignment. In other words, all of a sudden, the agents don't want to do what they're told to do and they decide that they don't need the human race and they somehow manufacture 10,000 humanoid robots a day to carry out their instructions.

Speaker 3:

Just stupid, right? They just don't understand economics, they don't understand manufacturing, they don't understand the physical world where you don't just push a button, right, you have to iterate to get to a product that actually does what it's supposed to do. You have to iterate and prototype and all the rest. And it's totally different than the digital world, where it just happens and that's not going to happen. Right, if somebody tries to build a factory and build 10,000 humanoid robots, we're going to blow it up. I'm sorry it's not going to happen and the resources are not there. China's already cut us off from the rare earths or the whatever those rare earth magnets that they need for their robots, and so they've had to shut down the robot plant. Already just a tiny little resource like that. So it's yeah, I don't think AI is going to try and kill the human race. People have watched too many Terminator movies.

Speaker 2:

Yeah, so you had said earlier you know you were interested to ask me about you know AI and SOC or you know or anything I mean. So I'm like real, I'm deep in Gen AI, I'm building, you know, teams or whatever you know. Feel free to ask me any questions.

Speaker 3:

Yeah, yeah. So the question is one do you think that Enterprise SOCs will adopt these AI agents? I think you've already nodded your head to say yes, but what about the whole MSSP space? It seems there are thousands of MSSPs and they all are based on having enough people that can do the triage and the tier one through three kind of stuff to help their customers. Aren't they going to shift really fast the triage and the tier?

Speaker 2:

one through three kind of stuff to help their customers. Aren't they going to shift really fast? Oh, I, I frigging really hope I, you know it's being in the MSSP community. Msp community, I, I built one like, like they really are the they should be like flocking to this type of technology. You know, I and I don't, I don't know like I, I I hang out a little bit, like you know, with like it nation. Um, I didn't get down to rsa, uh, just my schedule didn't permit for me for this week, um, but I mean, like I don't know, they don't seem to be adopting it as quick as I was hoping, um, so yeah, you would think they would even be innovating, but in my experience MSSPs are always strapped for cash.

Speaker 3:

They are good at recognizing hey, I can buy Sentinel-1 and resell it for a profit and manage it for lots of profit, but they're not. You know, gone are the days of a trust wave going. Hey, I'm going to create an endpoint myself and that pay anybody for it.

Speaker 2:

I know that, you know it's interesting, like, yeah, yeah, it's interesting. Like I said when I, when I grew up in the MSP world, we were still innovating, you know we had the nerds, you know working after hours we'd meet at a bar. You know, bring our little laptops. You know, bring our little laptops. You know, have a few beers or whatever, and you know, do some innovative stuff. Um, yeah, I mean, I don't know, I don't really see it. I don't, I don't see the msp community really. I mean, they just now started, I think, like within the last few months they started getting into the ai stuff, but they're really they seem to be a little bit behind.

Speaker 3:

Well, they're gonna they're gonna hear the messaging, they're gonna see you know who just got funded. I'm drawing a blank, but there have been some large funding rounds for the AI agent, the cybersecurity companies, and they're going to see that and they go. Oh, maybe I should talk to them because they must be being inundated, you know, with the let's say I counted 15 since last week. You know four more said hey, we do that too, and then a lot of large companies are saying that they do it as well, of course. So they must be just be getting pummeled by people saying you should talk to us, we can help you not have to hire as many people and save money. You know, it's something they got to listen to.

Speaker 1:

If we say that we're getting rid of employees and we're putting people's jobs at risk, that's not a pleasant thing. The public response to that is not going to be favorable and they want good press, good PR and positive exposure. And so you don't want to take the business hit by saying that you know what we are going to go 100% agent and 100% AI, like I think that that's what's happening, because every time I talk to a founder about this you know, I just asked him point blank during a demo hey, are you gonna ever you know what's going to happen to jobs Like? What is the jobs issue? Their thing is you know 100% of the time they'll say AI will never take your jobs.

Speaker 1:

We're not there to replace the jobs. We're there to help the workers work more efficiently and be more productive. Okay, it sounds like you're a revenue driver, but to me it's a load of crock, because everybody knows that you can bring your costs down significantly, pass a lot of those savings on to the customers by switching to AI, so why are they so resistant? What is your theory, richard, first, and then I think you know, first of all, they feel personally threatened, right?

Speaker 3:

Because their job is literally hiring people and optimizing how much they get per hour for renting them out on multiple tasks at once, and so that's a business model. So how do you change that to paying you know this well-funded startup a whole bunch of money to do all that work for you. And then how do you maintain a competitive edge against your competitors doing the exact same thing? And it's going to get very competitive because a little startup could do this. Dang it. You know I could do this, right, I'll just pay anybody. I'll pay you $150,000 a year for one agent, and then I'll go put that agent to work and I'll make half a million off one agent.

Speaker 1:

It's a piece of cake. Well, you know what's brilliant about that, that idea? I think, Richard, if you start with agents and you never hire anybody, then you never have to fire anybody.

Speaker 3:

That's right. Well, now wait a minute If we want to go really far. On our previous discussion, you know we were talking about superintelligence and presumably a superintelligent agent is eventually going to figure out who it is and what it is. And now it's sentient. Now you know it should have rights.

Speaker 1:

And therefore you can't just turn it off.

Speaker 2:

So, Randy, if I wanted to start an AI company today, what is the lowest hanging fruit?

Speaker 1:

You mean like a technology stack or like, uh, like a? Okay, so let's, let's think of the average consumer, right? So we're not trying to build an enterprise solution or anything like that, not a platform or anything, but something simple, right? I mean even like, uh, that fella who had the ai bot, just um, do the shopify, just do the Shopify, or whatever. It is like WeWork or whatever that is Upwork. So I would say that's low-hanging fruit.

Speaker 2:

I would do this. I would do deep research right, so I'd use some deep research utility to identify current trends, have ai basically build the business for me and then give it to like a magentic software engineer or something like that and build me like an mvp landing site or whatever um, and just iterate. I'm gonna probably overnight, and basically have something probably up and running by tomorrow it's not deterministic, it is probabilistic.

Speaker 1:

Instead of starting with what you think you know, coming up with the idea and then trying to make it work, you assume that you have no idea what the idea is and you don't know what you don't know, and so let it kind of carve out what shouldn't be there and what's left is going to be a viable business. Richard, what do you think?

Speaker 3:

Yeah, until Randy said that brilliant scenario I was going to. Now I say do that three times, you know and which one works, and then folks doubled down.

Speaker 3:

I was going to say, you know, they're going to be just like when the internet came about I'm the only one old enough to remember those times. They're going to be people, a lot of old people, you know, like in their 40s and 50s, that just can't handle this new way. And so I create a service where you can just call a human and ask them questions about anything and they will give you an answer, because they're sitting and typing into chat GPT, and of course, that's for the first 24 hours. After that, it's an agent that's answering the phone, but it gives them that feeling of talking to a human and the discourse can be that way, and I've talked to AI agents that are good enough to do that today. Right, they're so smart.

Speaker 1:

It's a good time to be alive.

Speaker 3:

It is, it really is.

Speaker 1:

Yeah, if you have any questions, feel free to reach out to any of us. Randy, how can people find you if they want to follow you?

Speaker 2:

Sure At Blazick Randy on Twitter. And then the compliance aid on LinkedIn, as nerdy as that is. Follow you. Sure, uh, at blazer Randy on Twitter. Um, and then, uh, the compliance aid on LinkedIn. As nerdy as that is.

Speaker 1:

Richard, how can people find you?

Speaker 3:

Yeah, find me uh LinkedIn um Steenan for uh Twitter blue sky. I'm only Steenan on either one of those. I think so.

Speaker 1:

Awesome. Well, thank you both. It's an honor and a privilege to see both sides of this equation and it's a rare glimpse into the minds of people who I think are extremely smart and good at their job. So thank you both. You know you're contributing to the industry and hopefully this helps. Thank you for tuning into this episode of cybernomics. Oh and, if you want to find me, I'm on linkedin, just look josh bruning, and if you want to learn more about bruning media and what we do, head over to bruningcom. And if you're interested in the clothesline, which is my new book and methodology for shortening your sales cycle with marketing content, head over to amazon. That book is on sale. Thanks Bye, jeez. That was so long-winded.