Across the world, organisations are racing to adopt AI. It promises efficiencies, new capabilities, and, in the case of cybersecurity, a genuine breakthrough. AI can scan vast datasets in seconds, detect subtle anomalies, and help analysts respond to threats that now unfold at machine speed.
But beneath this progress lies an inconvenient reality: Even as AI becomes more capable, the fundamental skills needed to secure our digital world are eroding. In Singapore, where governments and companies are pushing for AI adoption, nearly six in 10 (59%) organisations say they now lack the technical talent required to keep their systems safe, according to the Bitdefender Cybersecurity Assessment Report 2025. The gap is continually widening, not narrowing.
This paradox is beginning to shape the next phase of global cybersecurity. We are embracing more powerful tools, at the cost of losing the expertise needed to understand what those tools actually see.
AI changes how we work, but also how we fail
One misconception about cybersecurity today is that AI reduces the need for deep technical understanding. In truth, AI doesn’t eliminate human judgement; it raises the stakes of getting that judgement right.
AI systems excel at spotting anomalies, but they cannot interpret intent. They surface signals, but without understanding the architecture of the networks they protect, those signals become ambiguous. When organisations treat AI-driven systems as black boxes and trust what they flag without questioning how or why, they risk missing the context that gives those alerts meaning.
DNS: The core system that AI can’t interpret alone
Nowhere is this tension more visible than in one of the most unglamorous yet functionally foundational parts of the internet: the Domain Name System (DNS).
DNS is involved in nearly every cyberattack, from phishing campaigns and botnet operations to data exfiltration and domain spoofing. It’s also one of the earliest places where malicious activity leaves clues. DNS provides the upstream visibility that can reveal attacker infrastructure days or even weeks before a campaign goes live.
Yet DNS literacy is declining. Many young analysts encounter it only when their AI-powered platforms flag something unusual. They see the signal, but not the system. They recognise the anomaly, but not the behaviour behind it.
AI can sift through billions of DNS queries, correlate signals across geographies, and highlight anomalies too subtle for humans to catch. But the decision to escalate, contain, or dismiss an alert still rests with people.
In some cases, attacker infrastructure can be identified weeks before the first phishing link appears or the first payload is delivered. Without foundational skill, this intelligence becomes background noise. AI can show us where to look, but human expertise tells us why it matters. This is where AI has the most promise: it frees analysts from the noise of modern cyber operations, giving them space to think strategically.
AI upskilling requires a mindset shift
The strongest cybersecurity teams today operate on a simple principle: AI should carry the workload, not the responsibility.
The most important shift is not technological, it is educational. We need to treat AI as a catalyst for strengthening foundational skills.
The industry needs to take three practical steps forward. First, rebuild the basics. Organisations must reinvest in training that teaches how the internet actually works: DNS behaviour, network protocols, system architecture. These skills give analysts the confidence to challenge and interpret AI outputs, not just accept them.
Second, train analysts and business leaders to collaborate with AI, not defer to it. Security teams should ask: Why is the AI surfacing this? What behaviour is it detecting? How does this fit into our network’s context? These questions turn alerts into insight.
Third, elevate upstream visibility. Early warning systems like DNS-layer analytics allow teams to detect malicious infrastructure before an attack begins. AI enhances this sensitivity, but foundational expertise makes it actionable.
None of these steps require abandoning AI. They require recognising that AI is most powerful in the hands of people who understand the systems it is meant to protect.
A smarter, more balanced security future
Singapore’s push for an AI-ready workforce is an important step toward building a resilient digital economy. But as the country, and the rest of the world, accelerates its adoption of AI, it must also strengthen the foundations on which that future rests. The real hazard of the AI era is not that machines will outpace human capability, but that organisations may overestimate what machines can do alone.
If we want AI to reach its full potential, we must pair technological ambition with sustained investment in foundational skills and deep technical training. Those are the capabilities that transform AI from a tool into a true collaborator.
Ultimately, we need to see the future of cybersecurity as augmented, not automated. Because in this field, speed may stop an attack, but only understanding prevents the next one.
