AI is changing cybersecurity faster than many defenders realize. Attackers are already using AI to automate reconnaissance, generate sophisticated phishing lures, and exploit vulnerabilities before security teams can react. Meanwhile, defenders are overwhelmed by massive amounts of data and alerts, struggling to process information quickly enough to identify real threats. AI offers a way to level the playing field, but only if security professionals learn to apply it effectively.
Organizations are beginning to integrate AI into security workflows, from digital forensics to vulnerability assessments and endpoint detection. AI allows security teams to ingest and analyze more data than ever before, transforming traditional security tools into powerful intelligence engines. AI has already demonstrated its ability to accelerate investigations and uncover unknown attack paths, but many companies are hesitant to fully embrace it. Many AI models are implemented with such velocity that they remain untested with few organizations that have any basic security or auditing guidelines for their implementation. As a result, AI can increase risks instead of reducing them, particularly when it comes to privacy and data protection. There is a lack of proper security culture for AI implementation in organizations that have to remain competitive and reduce the costs of compute needed. On the other side, you have many organizations completely not implementing AI at all, even banning it among their employees, due to a lack of understanding of the risks as well. There has to be balance – decreasing risk, increasing competitiveness, reducing costs, and making fast decisions for an entire organization like a fighter pilot in the middle of a dogfight. One wrong decision in the above can become irreversibly devastating for the organization.
One of the biggest challenges in cybersecurity today is the lack of professionals who are studying and learning how to apply AI effectively. Security teams need to study AI advancements daily/hourly because adversaries are adapting in hours/minutes. There is no time to wait for someone to write the book to solve these challenges, wait a single week, and the book is now aged – that is how fast the field is moving. The organizations that embrace AI will have a significant advantage over those that delay its adoption.
To meet this need, SANS Institute is offering Applied Data Science & Machine Learning for Cybersecurity, a course designed to teach security professionals how to use AI and Machine Language core understanding to wrap around capabilities in their organization for defense strategies. This hands-on training covers how to utilize and build AI and machine learning models for threat detection, automate security processes, and improve threat intelligence analysis. Security teams do not need a background in data science (we teach it) to take this course, just a desire to learn and apply AI in their lives – daily.
For those who want to gain these critical skills, SANSFIRE 2025 is the ideal opportunity. The event will take place June 16-21, 2025, in Washington, D.C., bringing together top cybersecurity professionals for hands-on training, live labs, and expert-led discussions. The SEC595: Applied Data Science & Machine Learning for Cybersecurity course will be available at SANSFIRE, allowing attendees to experience AI-driven security firsthand and apply what they learn immediately.
Cybersecurity is evolving at an unprecedented pace, and defenders must evolve with it. The question is not whether AI will be a part of cybersecurity operations, but who will master it first. If you want to stay ahead of the curve, join us at SANSFIRE 2025. Learn more at SANS and register for SANSFIRE at SANSFIRE 2025.
Note: This article is written and contributed by Rob T. Lee, Chief of Research at the SANS Institute.
