CYBER SECURITY TERMINOLOGY EXPLAINED

What is Generative AI?

Generative artificial intelligence is a type of AI that generates text, images, and other media, often in response to inputted prompts. It learns from data, via machine learning, that already exists online and evolves as it continues to train on more data sets to predict outcomes in a human-like manner. LLM (Language Model) – is a type of artificial intelligence system designed to understand and generate human language. ChatGPT, Dall-E, and chatbots are all examples of generative AI models.

What are the benefits and risks of generative AI?

The benefits of generative AI include:

  • Increased efficiency. AI can help eliminate repetitive tasks, enabling employees to focus on value-added work, increasing employee productivity, and therefore increasing cost effectiveness, e.g., writing articles, analysing financial data, formatting emails.
  • Enhanced customer experience. Many companies are steering towards using chatbots, which rely on programmed natural language processing. Allowing the system to take a variety of inputs and produce a predictable output, aligned with the company’s mission, providing a fast and customer-centred solutions.
  • Personalised Experiences. GenAI enables personalised experiences by tailoring content in a focused manner that’s in line with your specific requirements.

The risks of generative AI include:

  • Lack of transparency. Loss of data from uncontrollable systems that might be exposed to unreliable third parties.
  • Accuracy. Generative AI systems sometimes produce inaccurate and fabricated answers.
  • Bias. Biases ingrained within the data sets on which AI learns can generate biased content, e.g., harmful stereotypes, prejudices, and fabricated content.
  • Data security. Data confidentiality risks may arise when inputting sensitive information into GenAI systems.

Advantages of GenAI in cyber security

The use of GenAI has made the world of cyber threat identification and response more efficient. Security analysts that want fast decision-making support can use GenAI. Additionally, GenAI can detect potential threats by identifying patterns and anomalies, allowing for preventative measures before a breach occurs.

Disadvantages of GenAI in cyber security

Criminals are also using Gen AI to automate large-scale attacks. The efficiency and rapid data analysis advance hackers’ capability to gain a tactical advantage; thousands of personalised phishing attacks can be generated in seconds. With the use of AI and algorithms, finding weaknesses’ in a company’s computer systems is easier than ever.

Additionally, GenAI is allowing cybercriminals to develop sophisticated social engineering attacks that evolve by bypassing cyber security measures, e.g., self-evolving malware. AI systems analyse a large amount of data, which allows hackers to generate emails and texts that seem more authentic and therefore harder to spot, e.g., with fewer grammar and spelling mistakes.

What your organisation can do in response to generative AI in cyber security

  • Employee training. Update employee training around GenAI to ensure that employees are aware of the rising levels of sophistication of cyberattacks, particularly increasingly convincing phishing attempts.
  • Due diligence. A due diligence process should be designed and carried out on new suppliers to have further control over third-party security measures.
  • Policies. Existing policies need to be updated to include the new technology and processes. For example, how are software patches identified and updated.
  • Settings. Toughen browser and AV settings to flag AI websites or websites with low trust scores.
  • Simulated attacks. To combat the rising level of sophistication of cyberattacks, simulated attacks on staff need to be more frequent and mimic the new approaches.
  • Defence in depth. Ensure that there is sufficient control and alerting to stop the progression of an attack.
  • Assessment and assurance. Frequent assessment by experts will be required to spot and manage vulnerabilities.

CYBER SECURITY UPDATES

Sign up for the latest advice and information about keeping your business cyber secure.