Tools like Kubernetes and infrastructure as code previously marked major technological shifts, akin to the ongoing transition toward generative AI. DevSecOps teams now face a similar transformative period, requiring a reshaping of skills and approaches to accommodate this new technology wave.

Large language models (LLMs) and AI copilots are changing the way developers, data scientists, and engineers work, driving improvements in productivity, quality, and innovation. As these technologies become more embedded in everyday tasks, understanding their capabilities and limitations becomes imperative.

With the integration of generative AI, DevSecOps teams encounter novel data and security challenges. Teams must develop proficiency in managing these risks, necessitating a comprehensive grasp of AI functionalities and their potential vulnerabilities.

Preparing IT teams for AI

Chief Information Officers (CIOs) and other IT leaders are focusing on equipping their teams with the necessary skills to leverage AI effectively. Prioritizing training that includes hands-on experience with AI technologies is essential for fostering an adaptable and proficient workforce.

As automation and AI take over routine scripting and monitoring tasks, there is a shift towards prioritizing higher-level analytical skills. Focus areas now include product requirements analysis, software design, and strategic planning—skills that require a deeper level of thought and creativity.

To complement this, DevOps teams are moving towards roles that demand greater creativity and strategic insight, showing the need for skills that go beyond technical knowledge to include problem-solving capabilities that can drive innovation and strategic outcomes.

Key skills for generative AI 

Prompting AI and validation

Mastering the art of prompting AI tools and validating their outputs forms a foundation for deploying generative AI effectively. Developers and analysts must develop the ability to generate prompts that lead to high-quality outputs and critically evaluate these outputs for errors or biases. As AI tools like ChatGPT or other copilots become ubiquitous in software development and data analysis, the ability to discern between accurate and misleading AI-generated information directly impacts decision-making and operational integrity.

Data pipeline management

Data engineers are increasingly required to manage complex data pipelines that are essential for feeding the correct and relevant data into AI models. These pipelines must handle a vast array of data types, including unstructured data such as texts and images, which are critical for training generative AI models. Skills in cleaning, preprocessing, and transforming this data to make it suitable for AI applications are therefore in high demand. Understanding how to maintain data quality throughout this process is key to the reliability of AI outputs.

AI stack knowledge

A profound understanding of the AI stack is becoming indispensable for developers working in this new era. This includes familiarity with traditional software stacks as well as emerging tools and platforms that support AI development, such as vector databases and AI-focused APIs provided by platforms like Hugging Face, Llama, and LangChain. Developers must stay abreast of these technologies to build more efficient and innovative AI-driven applications.

Security and testing in AI implementation

Moving security practices earlier in the development lifecycle—commonly known as “shifting left”—is becoming more and more important as organizations rely more on AI-driven processes. Since AI can automate many aspects of security and testing, reliance on manual testing procedures is decreasing. Teams must integrate comprehensive security measures from the earliest stages of project development to detect vulnerabilities before they escalate into more significant threats.

Skills in AI-driven threat detection and the management of automated continuous integration/continuous deployment (CI/CD) pipelines are now essential. Teams must be proficient in using AI to identify potential security threats and inefficiencies within code. The capacity to manage and secure AI-enhanced workflows effectively prevents disruptions and enhances the security of software products.

With the continual expansion of AI technologies, continuous monitoring to detect and respond to incidents in real-time is critical. The unique vulnerabilities introduced by generative AI, such as prompt injections or data poisoning, require specific strategies and tools. Teams need to develop skills in setting up and managing systems that can monitor AI behaviors and trigger appropriate responses to threats swiftly.

Challenges and opportunities

Navigating regulations and risks associated with generative AI can be both a challenge and an opportunity. As lawmakers and industries adapt to the rapid deployment of AI technologies, organizations must keep pace with new regulations that aim to mitigate risks without stifling innovation. Understanding these regulatory environments helps in crafting strategies that leverage AI technologies while complying with legal standards.

Operationalizing AI involves developing AI models and making sure that they are comprehensive, scalable, and integrated well into existing systems. Organizations focus heavily on bringing AI projects from the experimental phase to full-scale production. Skills in managing the lifecycle of AI models—including deployment, monitoring, and continuous improvement—are essential for maintaining the relevance and efficiency of AI solutions in production environments.

Alexander Procter

April 25, 2024

4 Min