As AI’s capabilities prove double-edged, cybersecurity’s momentum has surged. Companies prioritise it due to increased competition. Palo Alto Networks, a nearly two-decade old cybersecurity firm, aims to become a one-stop shop with a “platformization” strategy. In an exclusive interaction with The Hindu, Meerah Rajavel, CIO of Palo Alto Network shared her views on how IT jobs have changed, the company’s new AI toolkit, and integration.
Edited excerpts:
THB: How have IT roles transformed since the advent of AI?
Meerah Rajavel: In the earlier days, you could be a programmer and that was good enough. Now, you cannot just be a programmer. You also need to understand the business domain and how technology can enable the business domain to produce the outcome. Normally, these are job families like business system analysts, administrator roles, designer roles, data engineers, and so many different varieties. Today, we’ve actually automated a lot of that with the adoption of AI and automation. So, we went from 29 job families to 6 job families in IT.
Now, I need people who are really good at problem solving which is what an analyst does. I need engineers who can program, script, and have good basic knowledge of coding. Then, there are programme management and project management roles where problems are solved in a unison.
As the technology evolves, we are probably going to see some new roles coming around. We don’t have some job families like AI trainers but we are already experimenting with some of them. We need people who ensure that AI doesn’t drift from what it’s supposed to do. If something starts misbehaving, we want to make sure there are checks and balances with some level of human intervention.
THB: Will there be roles related to ethical deployment of AI?
Rajavel: I do expect more job roles around ethical AI - there are things like how we look at our data and how we anonymise or how we are changing the weightage of our data in training our AI. That kind of thing is going to become mainstream. Right now, I do have some of them because we use AI, but it is a much smaller job family. But I think tomorrow, as we are expanding the use, it’s going to become a mainstream as well.
THB: There have been reports on how the adoption of Microsoft Copilot hasn’t pleased customers. What kind of acceptance do you see for your Copilot tool?
Rajavel : We are definitely taking a different approach than most of the vendors without naming any of them. We don’t see copilot or AI as a separate product because eventually, it’s going to be integrated. People think it’s a separate product and you can charge for it separately but it’s going to become integrated. Our copilot focuses on providing information at the fingertips, remove complexity, and solve the problem. This is a combination of copilot and AI and an automation coming together hand in hand.
TH: AI-powered cybersecurity threats present a massive risk today. How do you tackle these? Are there any plans of launching any new tools?
Rajavel : We have three AI tools that are all generally available today. Firstly, when importing and exporting sensitive data, we don’t want to restrict people from using ChatGPT but we can’t have a marketing person taking PR news that’s not even released and upload it because they want to get some suggestions. But if they want to generate creative content from Midjourney or ChatGPT or summarise text, that’s fine. So, we have restrictions around what kind of data you’re allowed to upload and download. If somebody is trying to take a source code and put it in ChatGPT, we will stop right away saying that you’re not allowed to upload this file.
The second product will actually make sure we are configuring our AI correctly. For example, with AI you have to have good data, the right model, and the right set of libraries for your prompts. Any misconfiguration on that makes your AI itself vulnerable. So, this product will look at the posture of your AI applications to see where vulnerabilities are. The third product offers real-time security. If you have an agent for your customer support and someone intruded into that agent giving a wrong prompt to the agent, the agent can respond to the customer with the wrong response.
THB: There have been instances like the massive Azure outage where an automated update went through causing a widespread error. How do you prevent something like this?
Rajavel : The event you’re mentioning was about how updates were introduced in one strike. I mean honestly it can happen to anybody and we’re actually very empathetic to what happened with our industry peer. But our approach is different because we don’t do a massive push in one go. When Palo Alto Networks pushes out some change, we typically push out to what we call a canary, which is a progressive rollout. So, the first one will be 1% of the population and if it doesn’t go well, we always have a rollback mechanism. If it does go well, we’ll go to the next set of audience.
Secondly, we also provide customers the ability to dictate how they want the change to be accepted because if the customer is running a highly sensitive thing, they can have it on their own schedule so the power is back in the hands of the customers as well. Thirdly, we also internally have a high amount of testing in our environment before we start the phased roll out as I’m the first customer for my company.
Published - December 31, 2024 10:57 am IST
