How AI can help teams offset the skills shortage

COMMENTARY: The cyber skills gap keeps widening, and the same age-old organizational challenges persist. CISOs, CTOs, and their teams are asked to do more with fewer resources. They’re expected to onboard, monitor, and maintain a myriad of devices while embracing digital reformation, supporting shifting market needs, and enabling new business imperatives.

And they need to do this while cybercriminals continue to up the ante by leveraging AI technologies to increase the volume, velocity, and sophistication of threats.

[SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Read more Perspectives here.]

These colliding complexities continue to evolve, but the underlying challenges are nothing new. While there’s still no panacea for the industry, enterprises urgently need more eyes on the glass than ever. Yet with 4.8 million cybersecurity professionals needed worldwide to fill critical roles, even the brands with the most recognizable names, highest salaries, and longest list of perks cannot hire their way out of this situation.

As networks expand, user demands accelerate, and cybercriminals level up, today’s organizations need to find long-term and scalable alternative solutions—ones that don’t rely on constantly recruiting new talent—that empower them to effectively protect their digital assets.

The path forward: embrace generative and agentic AI. When used strategically, these technologies can streamline security and network operations, create long-term efficiencies, and alleviate many of the challenges exacerbated by the ongoing talent shortage.

Agentic AI vs. generative AI: What's the difference?

With “AI” topping the list of technology-focused buzzwords, it’s no surprise that nearly all cybersecurity vendors now claim to employ generative and agentic AI across their products. While it’s easy for technology providers to make bold marketing statements, cutting through the noise to understand exactly how the AI is applied—and whether it even delivers on the promises that vendors claim—requires IT leaders and their teams to dig deeper. 

While "GenAI" and "agentic AI" are sometimes used interchangeably, they serve very different purposes. Generative AI excels at analyzing massive data streams and recognizing patterns, producing outputs that humans can review and act on. In cybersecurity and networking environments, it can help teams make faster, better-informed decisions and streamline complex tasks. In practice, this might look like analysts using GenAI to assist their daily operations by optimizing threat investigations, accelerating response efforts, creating more efficient SIEM queries, enhancing and building SOAR playbooks, and quickly surfacing anomalous behavior.

While generative AI models typically require human prompts and oversight, agentic AI functions as an ecosystem of expert agents designed to learn, communicate, and autonomously monitor, detect, and respond to threats across an organization’s entire digital environment. It can automate complex threat detection and response workflows, minimize human error through intelligent decision-making, and orchestrate multiple AI-driven agents communicating across different security layers to ensure a synchronized, intelligent response. In short, agentic AI executes work on behalf of humans, working in a closed, role-based ecosystem.

Agentic AI represents a significant shift in cybersecurity and network management. Because these agents are designed to act independently, implementing agentic AI in cybersecurity and networking programs reduces reliance on humans. This frees analysts to focus on higher-level tasks and decision-making instead of drowning in routine tasks. It also reduces the need to constantly recruit new practitioners in an era where the demand for talent still outpaces supply. As the skills shortage persists, agentic AI offers a viable alternative.

While most vendors are focused solely on security or networking AI, organizations should find a vendor that ensures both disciplines work together. This lets enterprises take advantage of AI-driven decision-making across their entire digital infrastructure. One example: SOC and NOC convergence, which eliminates longstanding silos and increases efficiencies for both teams.

An organization might use agentic AI to do all of the following: fix network configurations, build routing paths, add Secure Access Service Edge (SASE) nodes, and investigate Wi-Fi issues caused by a security event. By embracing agentic AI, CISOs, CTOs, and their teams can leverage telemetry gathered from across the network to create a unified security and network response to events, with AI-powered agents collaborating across endpoints, networks, and the cloud.

However, not all security and networking products are created equal. When evaluating vendors, it’s essential to investigate how their AI agents are designed and trained. Look for agents that are purpose-built to perform specialized tasks on behalf of a human with precision—serving as an expert that can offload analyst workloads, reduce operational costs, and speed up detection and remediation efforts.

Ask vendors about the development of their AI stack:

  • What kind of data lake was used for training the models? Is it unified and of high quality? Does the model go through continuous learning?
  • Does the vendor use supervised learning in its AI training process to improve detection accuracy?
  • How are the machine learning engines customized to power agent behavior across both security and networking environments together?
  • Can the agents see and collaborate with other AI agents deployed across the network?
  • Can teams empower the agents to make autonomous decisions?
  • What guardrails are in place to support agent-led decision-making?

The real advantage of embracing agentic AI comes from the number of agents in the stack and their ability to work together as an interconnected system. The more agents, the more a team can counter the ongoing skills gap through role augmentation in the agentic AI ecosystem.

AI agents must seamlessly orchestrate and communicate across a security and networking fabric, forming an east-west collaboration that enhances decision-making. This enables a stack model approach where security and networking functions continuously adapt, prioritize, and respond to threats in real time, resulting in a more dynamic and autonomous security posture.

The ongoing evolution of cyber threats requires defenders to adopt a new strategy—one that doesn’t just react to attacks, but proactively prevents them through intelligent automation. Organizations need products that can manage and mitigate these shifts without relying on recruiting, hiring, and retaining qualified cybersecurity and IT professionals as the sole means of achieving better security.

Agentic AI and GenAI promise to let smaller teams do more with less, help reduce burnout by eliminating low-level, repetitive tasks, and even make cybersecurity roles more accessible to newly minted practitioners who do not yet have deep technical expertise. And as AI continues to shape cybersecurity, today’s organizations require an AI-driven security and networking strategy that offers faster, smarter, and more efficient protection—designed to work at the speed of AI.

Derek Manky, chief security strategist and global vice president of threat intelligence, FortiGuard Labs

SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.