According to Matan Hart, vice president of research at Tenable, the industry is in an arms race and power dynamics will swing back and forth.
“Both good and bad can speed up the process of building and adopting new tools, ultimately giving them an edge over others,” he says.
Generative AI advances the entire cybersecurity space, but the bad guys will continue to adapt based on past technological breakthroughs.
“Defenders must recognize that these changes are inevitable, adopt technology and embrace new work practices to stay relevant.”
Generative AI is very effective at transforming highly complex machine code into understandable sentences. In Hart’s view, that’s both good and bad for cyber defenders.
ChatGPT can be used against attackers, so for example, “Cybercriminal A” (mentioned in this example) uses ChatGPT-generated content in spam emails.
“Cybercriminals can bring that content to ChatGPT and the tool will confirm that they created the content on behalf of cybercriminal A,” Hart said.
“For this reason, some cybercriminals may shy away from tools, but most cybercriminals will try to find workarounds to protect themselves.”
For security teams and organizations, this is like any other new technology entering the arena.
Hart says it takes time to learn, but in the end the same rules apply. As defenders, the industry needs to understand their data infrastructure, determine where the greatest risks lie, and take steps to mitigate those risks.
advanced intelligence
Dan Shiebler, head of machine learning at Abnormal Security, believes cybersecurity solutions must also evolve in intelligence given the sophisticated tactics of cybercriminals.
Cyber-attack detection systems can benefit from incorporating large-scale language models to “learn the normal behavior of users in your organization and detect deviations from the norm. It may indicate an attempt at social engineering.
“Improved detection models based on AI will help organizations innovate against cybercriminals and provide the best possible defense against even the most sophisticated attacks,” he says.
Hart agrees with this view, believing that generative AI is a “supercharger for cyber defenders.”
For him, the truth is that generative AI, like Google Translate, and how you use it affect results.
“Generative AI does not necessarily provide new protections. Rather, it enhances the efforts of security teams by reducing response times, enabling faster decision-making, and tackling mundane and repeatable tasks. increase.
For example, we expect generative AI to be implemented in tools to quickly review code, accelerate incident response, and extract security analytics.
Researchers are now working to make the world safer by finding ways to put AI tools to good use, Hart said.
We can analyze malicious code, help create playbooks for incident response, provide the commands and queries necessary for extensive assessment of your digital infrastructure, and much more.
“Over the past few months, a research team at Tenable has explored how large-scale language models can be used in both offensive and defensive capabilities, as detailed in our latest report, How Generative AI is Change Security Research. I’ve been analyzing whether it can be used.”
AI ban?
Italy recently decided to ban ChatGPT, setting a precedent for other countries to follow.
Companies such as Samsung have already made similar decisions, with a South Korean vendor banning the use of AI after staff were found to be abusing the technology.
But Dr. Ilia Kolochenko, founder of ImmuniWeb and member of the Europol Data Protection Experts Network, thinks banning AI is a “pretty bad idea.”
“First, our competitors will utilize the latest AI technologies (generative AI such as ChatGPT) to intelligently automate various tasks and processes, reduce operating costs, and ultimately become more competitive in the global market. “We may outperform you by offering a product or service with
“Second, as many researchers have shown, by restricting or banning something, it may only increase the interest of those who try the forbidden fruit.”
Years after the pandemic, millions of employees still have unrestricted access to sensitive company data from personal and so-called “hybrid” devices, Korochenko said, which employers cannot monitor.
Such devices are likely to be used to silently access ChatGPT and may be used to deliberately enter sensitive or regulated data to test the system’s behavior. .
Therefore, he believes companies should train their employees and educate them about the risks and opportunities posed by generative AI.
“An acceptable use policy (UAP) should be created and disseminated throughout the workforce, and monitoring of third-party AI services is already widely deployed in enterprise data loss prevention (DLP) systems or for other purposes. can be implemented by any cloud access security broker (CASB).”
The uncertain future of AI
Going forward, Seibler says that the rise of AI is likely to significantly change many jobs, rather than eliminate them entirely, as “perfection is paramount” in some professions.
Tasks that involve moving data from one location or format to another may be automated. Tasks that require face-to-face interaction and personal accountability are more likely to fall into human hands.
AI systems have improved dramatically over the last two decades, but have historically been constrained by their reliance on vast amounts of data.
“Teaching an AI system to play Go or Chess requires showing the system much more of the game than a human can see,” says Shiebler.
He adds that recent advances in the base model are changing this. Modern AI systems like GPT4 can adapt their basic understanding of the world to new challenges based on a few examples and instructions.
“However, these systems lack the ability to continuously learn from their environment, and it is this kind of memory plasticity that enables organisms to accomplish long and complex tasks. of AI systems are struggling.”
For example, according to Siebler, selling a product requires communicating with multiple people, remembering the context of their reactions over days, weeks, or months, and integrating this into a long-term strategy. there is.
Today’s AI systems will struggle with this, but within the next 10-20 years AI systems will grow to be able to manage increasingly abstract challenges.
“Unfortunately, this allows AI systems to perform more nefarious tasks, such as online fraud and deception,” says Shiebler.
“Cybercriminals are already very sophisticated when it comes to compromising business emails, vendor invoice fraud, impersonating executives, and more. Armed with AI, cybercriminals are expected to become even more criminally savvy.
As a result, cybersecurity systems must become more sophisticated to combat fully autonomous adversaries that can change and adapt to overcome defenses.
