Effective Altruism Forum
EA Forum

by Jarrah
2 min read 0

32

Career choiceAI safetyCommunityInformation securityBuilding the field of AI safety
Frontpage

TL;DR: We need technology and infrastructure specialists. You don't need to specialise in cybersecurity to have an impactful career addressing AI risk, or even to improve cybersecurity.

I've been providing advice and mentoring to EAs on cybersecurity and IT careers for a few years now, mostly at conferences. I've regularly made the case (often to the relief of the mentee) that people on cybersecurity and other IT career pathways should consider staying the course rather than retraining as machine learning researchers.

This year, after increased community focus on information security in relation to AI risk, I am now often asked how to retrain into a cybersecurity specialisation. In response, I'm making the case that an oversupply of cybersecurity professionals is not optimal, and (possibly un-intuitively) is not ideal for cybersecurity either.

Organisations working on AI risk, as well as other high impact organisations, need a range of technology skills in order to be successful.

In today's information world, technology provides enormous productivity for organisations. It's hard to do anything today without a plethora of IT services for communications, managing money, and doing data analysis. Good IT management is a force multiplier - you can have impact through increasing the efficiency and impactfulness of others' work.

Software engineering roles can also have high impact, as 80,000 hours notes "When investigating the world’s most pressing problems, we’ve found that in many cases there are software-related bottlenecks."

IT infrastructure skills are particularly in need for organisations working on AI risk, where the building and maintaining of cloud systems related to AI (including evals) is vital.

To have good cybersecurity, we need skilled technology professionals. Security needs to be integrated throughout systems, and is everyone's job. In my experience, people who are not security specialists but experienced and effective in technology make an enormous difference to security because they know the fundamentals and can build robust, reliable and securable systems - better than I could. An organisation with an information technology team and one security specialist is likely to be more secure than if it had a security team and no other technology specialists.

It's also worth noting that it is common to transition between technology specialisations. Many people in cybersecurity roles didn't start there, and many move to other specialisations. The lines between roles are often blurry as well, and to be effective in your work you will want to have a mix of skills from different areas.

The EA community needs information security experts, with a heightened need because of efforts to contribute in areas with information hazards. But we need other technology specialists, both to support the mission of organisations and to build robust, secure IT systems.

If you are studying or building career capital in IT operations, IT infrastructure or software engineering, you should not feel like you need to change to cybersecurity. If you are considering what to do for your career, cybersecurity is a great choice! But it's not the only technology career that will help you have a high impact.

If you would like to talk directly about your career, feel free to reach out to me through direct message. I also recommend 80,000 hours career advice.

32

0
0

Reactions

0
0

More posts like this

Comments


No comments on this post yet.
Be the first to respond.
Curated and popular this week
LintzA
 ·  · 15m read
 · 
Cross-posted to Lesswrong Introduction Several developments over the past few months should cause you to re-evaluate what you are doing. These include: 1. Updates toward short timelines 2. The Trump presidency 3. The o1 (inference-time compute scaling) paradigm 4. Deepseek 5. Stargate/AI datacenter spending 6. Increased internal deployment 7. Absence of AI x-risk/safety considerations in mainstream AI discourse Taken together, these are enough to render many existing AI governance strategies obsolete (and probably some technical safety strategies too). There's a good chance we're entering crunch time and that should absolutely affect your theory of change and what you plan to work on. In this piece I try to give a quick summary of these developments and think through the broader implications these have for AI safety. At the end of the piece I give some quick initial thoughts on how these developments affect what safety-concerned folks should be prioritizing. These are early days and I expect many of my takes will shift, look forward to discussing in the comments!  Implications of recent developments Updates toward short timelines There’s general agreement that timelines are likely to be far shorter than most expected. Both Sam Altman and Dario Amodei have recently said they expect AGI within the next 3 years. Anecdotally, nearly everyone I know or have heard of who was expecting longer timelines has updated significantly toward short timelines (<5 years). E.g. Ajeya’s median estimate is that 99% of fully-remote jobs will be automatable in roughly 6-8 years, 5+ years earlier than her 2023 estimate. On a quick look, prediction markets seem to have shifted to short timelines (e.g. Metaculus[1] & Manifold appear to have roughly 2030 median timelines to AGI, though haven’t moved dramatically in recent months). We’ve consistently seen performance on benchmarks far exceed what most predicted. Most recently, Epoch was surprised to see OpenAI’s o3 model achi
Dr Kassim
 ·  · 4m read
 · 
Hey everyone, I’ve been going through the EA Introductory Program, and I have to admit some of these ideas make sense, but others leave me with more questions than answers. I’m trying to wrap my head around certain core EA principles, and the more I think about them, the more I wonder: Am I misunderstanding, or are there blind spots in EA’s approach? I’d really love to hear what others think. Maybe you can help me clarify some of my doubts. Or maybe you share the same reservations? Let’s talk. Cause Prioritization. Does It Ignore Political and Social Reality? EA focuses on doing the most good per dollar, which makes sense in theory. But does it hold up when you apply it to real world contexts especially in countries like Uganda? Take malaria prevention. It’s a top EA cause because it’s highly cost effective $5,000 can save a life through bed nets (GiveWell, 2023). But what happens when government corruption or instability disrupts these programs? The Global Fund scandal in Uganda saw $1.6 million in malaria aid mismanaged (Global Fund Audit Report, 2016). If money isn’t reaching the people it’s meant to help, is it really the best use of resources? And what about leadership changes? Policies shift unpredictably here. A national animal welfare initiative I supported lost momentum when political priorities changed. How does EA factor in these uncertainties when prioritizing causes? It feels like EA assumes a stable world where money always achieves the intended impact. But what if that’s not the world we live in? Long termism. A Luxury When the Present Is in Crisis? I get why long termists argue that future people matter. But should we really prioritize them over people suffering today? Long termism tells us that existential risks like AI could wipe out trillions of future lives. But in Uganda, we’re losing lives now—1,500+ die from rabies annually (WHO, 2021), and 41% of children suffer from stunting due to malnutrition (UNICEF, 2022). These are preventable d
Rory Fenton
 ·  · 6m read
 · 
Cross-posted from my blog. Contrary to my carefully crafted brand as a weak nerd, I go to a local CrossFit gym a few times a week. Every year, the gym raises funds for a scholarship for teens from lower-income families to attend their summer camp program. I don’t know how many Crossfit-interested low-income teens there are in my small town, but I’ll guess there are perhaps 2 of them who would benefit from the scholarship. After all, CrossFit is pretty niche, and the town is small. Helping youngsters get swole in the Pacific Northwest is not exactly as cost-effective as preventing malaria in Malawi. But I notice I feel drawn to supporting the scholarship anyway. Every time it pops in my head I think, “My money could fully solve this problem”. The camp only costs a few hundred dollars per kid and if there are just 2 kids who need support, I could give $500 and there would no longer be teenagers in my town who want to go to a CrossFit summer camp but can’t. Thanks to me, the hero, this problem would be entirely solved. 100%. That is not how most nonprofit work feels to me. You are only ever making small dents in important problems I want to work on big problems. Global poverty. Malaria. Everyone not suddenly dying. But if I’m honest, what I really want is to solve those problems. Me, personally, solve them. This is a continued source of frustration and sadness because I absolutely cannot solve those problems. Consider what else my $500 CrossFit scholarship might do: * I want to save lives, and USAID suddenly stops giving $7 billion a year to PEPFAR. So I give $500 to the Rapid Response Fund. My donation solves 0.000001% of the problem and I feel like I have failed. * I want to solve climate change, and getting to net zero will require stopping or removing emissions of 1,500 billion tons of carbon dioxide. I give $500 to a policy nonprofit that reduces emissions, in expectation, by 50 tons. My donation solves 0.000000003% of the problem and I feel like I have f
Recent opportunities in AI safety
3
Apply to become a Futurekind AI Facilitator or Mentor (deadline: April 10)
Jay Luong
· · 2m read
0
0
35
Apply to MATS 8.0!
Ryan Kidd
·
0
0
37
AIS Netherlands is looking for a Founding Executive Director (EOI form)
7 authors
· · 5m read
4
4
View more