The CloudSec Rocket
Posts
3 Strategies for Cloud Security Specialists to Thrive in A Post-AI World

3 Strategies for Cloud Security Specialists to Thrive in A Post-AI World

Nelson R
March 21, 2025

Artificial Intelligence is reshaping our world. Marc Andreessen, founder of Netscape and iconic venture capitalist, once quipped that "software is eating the world".

In tech circles, this has been amended to: "Software has eaten the world, now AI is eating software".

As cloud security specialists, we're dealing with massive change on two fronts.

First, in the cloud platforms we work with, which are dynamic and ever evolving. Azure, the platform I work with day-to-day, has over 200 cloud services, each of which can change in myriad ways.

Second, AI is progressing at a vertigo-inducing pace. Visible progress in AI once happened over decades. Now, it happens monthly or even weekly.

“Feel the AGI” moment
courtesy of u/Bena0071 testing Google’s new Gemini 2.0 Flash Experimental model

In this article, we'll cover three strategies you can apply to thrive in this new world. The focus here will be on high-level mindsets that drive key behaviours, rather than specific tactics.

1. Maximise Adaptability

An environment of unprecedented technological change rewards adaptability more than anything else.

While the precise way the AI revolution will play out is unknown, there are a few truths that can be predicted. One is that there will be lots of amazing new tech, with massive "unfair" advantages for early adopters.

Therefore, we need to adapt our workflows to take advantage of these new tools.

This means identifying the most promising AI tools, and building a regular habit of using them. This isn't a once-off "cutover" to a new way of working, but rather cultivating a continuous habit of engaging with new tech.

What are some concrete examples of this?

Previously, my workflow for addressing work-related questions involved typing the query into Google, wading through a sea of different links, and then synthesizing an answer from these various sources.

Now, I first enter my query into an AI "Deep Research" agent. In many cases, this will be Perplexity's Deep Research agent, which does a decent job quickly and has generous usage limits.

For more important, less frequent questions, I'll use ChatGPT's Deep Research capability, which gives the best results on the market but has strict usage caps.

Instead of using Google like a pleb, start with Deep Research agents when thinking through a technical scenario.

You'll still need to verify the results of the output, but this is made easier by the citations these capabilities provide.

You can even use a hybrid approach if you want. First, use Deep Research to give you an idea of the options to solve a problem. Then plug those options into your traditional research process using Google.

2. Constantly Refine Your Mental Model of What AI Can Do

AI is evolving exponentially, not linearly. Just six months ago, AI coding agents were largely experimental; today, they're completely re-writing the software world order.

If you haven't tried one of these agents, go fire up a session on bolt.new and prepare to have your mind blown.

There are two key ways to ensure your mental models are up-to-date:

1) Curate your "information diet" so you're adequately brainwashed made aware of new developments quickly (i.e., follow the right AI influencers, plug in to the right online communities, etc); and

2) Build regular "AI experimentation" time into your schedule

In terms of (1), here are a few random sources of information I'm a fan of to get you started:

AI Explained YouTube channel
Matt Wolf YouTube channel
r/singularity subreddit (don't judge me 😅)
Lenny's Podcast
Y Combinator Podcast

... and countless others. Find which ones you enjoy listening to and make them part of your life.

This is more of a passive consumption activity. Item (2) is more about actually doing something with the knowledge.

Regularly scheduled experimentation time is crucial—think of it as essential "maintenance" to keep your skills sharp and your toolkit current.

For us cloud security specialists, there are three key domains we should be focusing on in my opinion:

AI tools that are explicitly security-focused (i.e. Microsoft Security Copilot, Lakera Guard for AI security, Vanta for GRC, etc)
AI tools that allow us to conduct technical research more effectively; and
AI tools that enable us to write code more quickly (even if writing code isn't a primary part of job, it's a valuable skill for almost any cloud security specialist)

Full disclosure, (2) and (3) above are what I’ve focused on personally at the moment. (1) is something I need to do more of.

Staying updated through regular, disciplined experimentation means you'll know exactly which AI tools excel in what scenarios.

Good experimentation time with Le Chat, courtesy of u/Nunki08

3. Be Creative in Applying AI to Your Career

As your mental model of AI’s capabilities grows sharper, start imagining how these advancements can be leveraged for your career.

This means thinking beyond the current set of tasks you do day-to-day and asking yourself: "Are there things I could be doing to help my career, that AI now makes more possible?"

For example, previously it may have been hard to find the time to build a personal brand or write a technical blog.

Now, using platforms like bolt.new, you could effortlessly create a polished, personalized website showcasing your cloud security expertise.

Or maybe previously, you didn't have the technical skills or time to build applications that solve problems your workplace faces. In the era of AI agents, however, maybe you do.

For example, off the top of my head, these are some apps I'd like to see that would solve issues I've encountered at work:

An app that tells you in a more human-friendly way exactly why the Azure Front Door WAF blocked certain traffic

An app that collates data from other cloud security professionals on what high-level stack they use to protect their cloud and presents it in a visually nice way (i.e. what SIEM tooling, what CNAPP tooling, etc)

Another example could even be ways you can use AI to learn information more effectively.

For example, I recently started studying for a Microsoft certification (AI-102 - "Azure AI engineer"). One gap was the training materials were only available in written form, and I thought it would be valuable to have an audio version so I could "learn on the go" more easily.

I used Cursor Composer in agent mode to build a simple web application that converts the official training documentation to an audio version using the ElevenLabs text-to-speech API.

This killed three birds with one stone:

Allowed me to practice my AI experimentation habit, learning about the capabilities of Cursor Composer
Allowed me to build an app to help me learn other AI stuff more quickly; and
Allowed me to create a tangible application to my portfolio, which I can then use to build my personal brand if nothing else

Four birds if you include procrastinating actually studying for my course (while tricking my brain into thinking I was being productive).

Now, in the big scheme of apps that do useful things, this was a pretty lame one. But it illustrates this concept of creatively finding ways to use this tech for your career.

Conclusion

In summary, things are going bonkers with AI. To navigate this new world, adopt these three strategies:

Maximize your own personal adaptivity
Constantly refine your understanding of what AI can do; and
Think creatively about how you can apply AI to your career

Do this right, and your metamorphosis into Final Boss Prompt Engineer will be complete.

Prompt Engineer (me) at work attempting to make the ending to this article better.