Artificial intelligence has become a core component of modern cybersecurity operations, helping organizations tackle the increasing scale, speed, and complexity of digital threats. Sudhir Kumar Rai, Director of Data Science at cybersecurity firm Trellix, explains that AI systems — particularly machine learning and generative approaches — are now essential for detecting, prioritizing, and responding to cyber incidents in near real time, especially when human teams alone can’t keep up with vast data volumes and rapid attack evolution.
Rai reflects on his career path into cybersecurity, noting that a strong foundation in mathematics and analytical problem-solving naturally led him toward data science and eventually to security, where models must perform reliably under real-world pressures rather than just in controlled research settings. He also stresses the importance of clear goals, shared context, and structured knowledge-sharing in globally distributed teams to maintain alignment — a key factor when building and deploying complex AI-driven security systems across regions.
On the role of generative AI, Rai sees it as a tool for improving analyst efficiency, especially through tasks like alert summarization and prioritization that reduce cognitive overload. However, he also warns that generative models introduce new risks, such as adversaries using AI to craft more convincing phishing campaigns or automated attacks. This dual-use nature means defensive systems must continually evolve, mixing traditional threat detection with techniques that can spot AI-assisted malicious behavior.
Rai further underscores the need for robust governance, explainability, and regulatory compliance as AI is deployed at scale in security contexts. In regulated environments, AI decisions need to be interpretable and auditable, and privacy-preserving methods like federated learning are increasingly relevant. Looking ahead, the focus is on creating scalable, interpretable, and resilient AI systems that can adapt to shifting threats while aligning with governance and ethical requirements.
