In the interview, Heather Adkins discusses how AI and machine learning are revolutionizing cybersecurity by enabling faster threat detection and response, while also highlighting challenges like trust, safety, and the complexity of modern malware. She emphasizes the need for continuous learning, foundational STEM skills, and collaboration to responsibly harness AI’s potential, alongside fostering diversity and maintaining human cognitive skills in the rapidly evolving cybersecurity landscape.
In this insightful interview, Neil Daswani, co-academic director of Stanford’s advanced cybersecurity program, engages with Heather Adkins, head of Google’s Office of Cybersecurity Resilience, to explore the evolving intersection of AI and cybersecurity. Heather shares her journey into cybersecurity, which began before the term “cybersecurity” was popularized, sparked by an early experience with a system breach during an internship. She emphasizes the inherent insecurity in how systems are built and managed, highlighting the complexity and opacity of the internet’s many layers, each with potential vulnerabilities that experts can exploit.
Heather discusses the longstanding use of machine learning and AI at Google to enhance cybersecurity, citing Gmail’s spam filtering system as a prime example that now blocks 99.9% of phishing and malware attacks. She also explains how AI is employed to analyze app behaviors on platforms like Android and Chrome to detect malicious software, maintaining open ecosystems while protecting users. The conversation touches on the challenges of malware detection, including the scarcity of labeled data for training models and the sophistication of modern malware, but notes advancements such as Google’s VirusTotal leveraging large language models like Gemini to rapidly analyze and interpret malware code, significantly speeding up threat detection.
Looking ahead, Heather envisions a transformative shift in cybersecurity defense driven by AI, where defenders can operate at machine speed to detect and neutralize threats almost instantly, drastically reducing attackers’ dwell time in networks. She highlights the emergence of agentic AI systems—autonomous agents that can communicate and act within enterprise environments—to automate threat detection and response, improving productivity and security. However, she also acknowledges the challenges of trust and safety in deploying such systems, emphasizing ongoing efforts to develop frameworks and standards to ensure secure and responsible AI use.
The discussion also addresses broader concerns in cybersecurity, such as the detection of backdoors and the theoretical limits of malware detection due to computational complexity. Heather is optimistic that AI, particularly large language models capable of reasoning about code, will help identify vulnerabilities like buffer overflows and backdoors more effectively over time. She stresses the importance of foundational STEM skills, continuous learning, and collaboration for cybersecurity professionals to harness AI’s potential responsibly and effectively, while also encouraging diversity and retention of women in the field.
Finally, Heather reflects on the historical context of technological progress and education, drawing parallels between the medieval period and today’s rapid technological changes. She warns against over-reliance on machines at the expense of human cognitive skills and underscores the enduring importance of scientific thinking and education. The interview concludes with practical advice for learners to embrace AI tools, maintain curiosity, and develop both technical and collaborative skills to thrive in the evolving cybersecurity landscape shaped by AI advancements.