SAN FRANCISCO—All the positive and negative aspects of artificial intelligence are still unknown, a senior US cybersecurity official says, and companies rushing to respond to popular trends by rolling out new models are at risk. He said he may have been exposed.
“AI has a wide range of risks and benefits,” said Eric Goldstein, executive assistant director of cybersecurity at the U.S. Cybersecurity and Infrastructure Security Agency, in an interview at the RSA conference on Wednesday.
Significant advances in machine learning and other areas of AI are enabling analysts to quickly interpret large amounts of data and systems to alert defenders of breaches before humans even notice. But it can also do harm, he said.
“Think of the ways in which AI plays games like Go and Chess in a fundamentally inhuman way. What would an AI red team or adversarial AI look like?” Goldstein said AI models that could be deployed to test an organization’s cyber defenses in a benevolent manner, or maliciously You mentioned AI models that might try to infiltrate your system.
Agencies consider both angles before making recommendations on best practices for AI deployment, he said.
Ads – scroll to continue
Fascinated by generative AI models such as ChatGPT, which can summarize data, write songs, and generate code based on conversational prompts, how this technology can be used to improve cybersecurity There is intense speculation about Analysts have also expressed concern that these platforms could be used by hackers to craft sophisticated phishing emails or generate malware.
This week, many companies, including Alphabet, of the corporation
Google Cloud Unit, SentinelOne Ltd.
and SecurityScorecard described a product that integrates generative AI algorithms, known as large language models, with cyber tools.
“There is a burgeoning community deploying generative models.” Rob Joyce, Director of Cybersecurity at the National Security Agency, said in a meeting with reporters at the conference: The publicity storm could increase the risk, he said.
Ads – scroll to continue
“I think there is an improvement in intellectual property in the AI space that is worth targeting, and that is something companies need to worry about protecting,” he said.
According to Joyce, Chinese hackers have long been interested in intellectual property that has both military and economic value, and AI has both. Beijing has regularly denied involvement in intellectual property theft.
Morgan Adamski, chief of the NSA’s Cybersecurity Collaboration Center, said the agency is working with companies in sectors such as the defense industrial base to share threat intelligence, and where the agency has key dependencies in AI development. said they are working to understand
Ads – scroll to continue
These include companies that are pioneers in AI and what makes up their supply chains. This is similar to how agencies value other major technologies such as semiconductor and computer chip manufacturing.
“I definitely think we will see the same persistent threats to AI companies as we have seen with other technologies,” Adamski said.
Write to James Rundle at james.rundle@wsj.com.
