If you’ve been on LinkedIn in the last 6-12 months, you’ve probably seen a lot of opinionated takes on AI: what it can do, what it can’t do, how it’ll replace Lassie and be today’s hometown hero, and how it’ll be the downfall of modern society as we know it. As someone who’s focused on security by trade for close to ten years, a lot of my feed consists of panic around job security. The spectrum of posts ranges from extreme to extreme: everything from “AI should be nowhere near enterprise networks” to “autonomous security agents should run unsupervised.”

I want to offer my thoughts on the role of agentic workflows in today’s offensive security landscape, not because I think my opinion carries more weight than the fear that many of my peers are experiencing, but rather in an effort to hopefully allay those concerns as technology continues to evolve.

SOF Truths Meet Bots and Agents

Before I entered the private sector, I was a U.S. Air Force cyber effects officer. I specialized in defensive cyber operations and was a part of USCYBERCOM’s inaugural “hunt forward” mission in 2018. The bulk of the pride I carry from my time in service does not stem from the outcomes of that mission, but rather how I used my rank to protect and empower my team. One of the tenets I lived by actually came from a place I never was a part of but highly respected: Air Force Special Operations Command (AFSOC).

As a young cadet attending the Air and Space Symposium, I got to meet and sit with Lt. Gen. Brad Webb, commander of AFSOC. In his address to those of us who would soon go on to lead the men and women of the United States Air Force, he covered the SOF truths. One of these truths stuck with me and I still carry it with me today: humans are more important than hardware.

While this concept was contextually tied to warfare, the trajectory of my career and the persistence of this principle in my modus operandi has proven that it has applications beyond the battlefield. It also has proven that its application in conflict is probably the simplest to grasp and execute. As a young lieutenant hunting the adversary in contested networks, it meant that the operators on my team were the most valuable and dangerous asset in our arsenal. As a supervisor, and in a more nuanced situation, it meant that while the mission always came first, taking care of the men and women under my purview always took precedence. That precedence held even if it meant that the objective would be accomplished tomorrow instead of today. That also meant that the responsibility that came with my rank looked like answering to leadership as to why that was the case and standing by my decisions for the welfare of my people. As a husband, brother, and friend, this principle manifests in prioritizing care for my loved ones over getting tasks done at my leisure or taking the leap on a lucrative endeavor. Sometimes that means late nights, weekend due outs, and a mild-to-moderate degree of routine disruption.

I paint this picture to drive a point: the principle is applicable beyond the front lines. Where does it fit in to AI and offensive security? I propose that it sits at an intersection of some if not all of these scenarios. Safe, responsible employment of autonomous security systems will require a human-in-the-loop within our lifetime. I base my stance on the importance of human context in the responsible and ethical employment of agentic systems.

Human Context is Essential

While completing my master’s degree in International Affairs at King’s College London, I took a course called “Strategy in the Age of AI.” One of my favorite readings discussing the employment of autonomous weapons systems in conflict was written by Professor Kenneth Payne and it was a book chapter titled “Tactical Artificial Intelligence Arrives.” In this chapter, Dr. Payne presents an interesting dilemma: an autonomous weapons system with offensive capabilities is surveilling a contested area. The platform is trained to engage with anyone brandishing a weapon; the goal is to eliminate threats to friendlies patrolling the space. Initially this seems reasonable: the system is proactively engaging with potential life-threatening elements found within the zone. The question that often lags behind is: does the weapons platform have enough training and context to discern between an insurgent and a child holding a water gun? Even if the answer is “yes,” does the average operator feel comfortable leaving that discernment to the machine?

Obviously the scenario presented is extreme, but that ramification does not become so far removed when we start to consider deploying fully-autonomous agents to take actions on enterprise networks. In my time as a red teamer, some of the enterprise networks I tested were in financial and medical verticals and this required careful attention to detail. Scoping, rules of engagement, and constant communication with the client mitigated the risk that came with performing adversarial testing on a system that determined whether a patient got their medications on time.

For these reasons, I say that human context is essential. The reasoning, contextual knowledge, “unspoken” tradecraft, and experience that the human has to offer is still critical to the safe use of AI-enabled technologies today. Now, I don’t want anyone to think that this is a post against using agentic workflows. If anything, this is a case for their (responsible) use.

The future of humans... humans will make it!

If your back hurts when you wake up in the morning, you might recognize this quote by Banagher Links from Mobile Suit Gundam Unicorn. If you’re not familiar, a Gundam is a giant, robotic mobile suit controlled by an elite operator or pilot. The suit has state-of-the-art weaponry and hefty armor, enabling the pilot to achieve feats outside of the realm of human capability. There’s a key takeaway here though: the suit is nothing without its pilot, and the pilot is short-handed without the suit.

The future of responsible security looks like humans augmented by agentic capabilities. People who adapt to technological evolution and understand how to employ it to counter the adaptive threats that arise daily. Operators who understand that agents, machine learning, neural networks, and LLMs are all part of a super mech “suit” we get to wear and master every day we show up to work. Without a technically-elite human at the controls, the suit has no direction, guidance, or supervision. Without the suit, the human isn’t decimating Shai-Hulud version 1337 to smithereens as expeditiously as those package users would find ideal.

The infosec space has gone through many “revolutions” or at least iterations of significant changes. On-prem became hybrid, orchestration and containerization streamlined deployment workflows, and now we have mathematically-complex algorithms deciding the semantic relevance of one word to another. Security professionals, although sleep-deprived and only running off of two pots of coffee, have always prevailed. If that’s not a testament to the importance of human tenacity and adaptability, I’m not sure what is. We built these systems, and the future of responsible, efficient cybersecurity looks like a symbiotic relationship between us and that really sick Gundam we built.