Before you ask, no — this article was not generated using AI. (Or was it?)
The world has been glimpsing into the world of artificial intelligence since the film Metropolis in 1927. For nearly 100 years, we’ve dreamed of the advances that AI could bring — whether it was something like the world of The Jetsons or The Matrix.
Artificial Intelligence is a hot topic right now, and it seems to be getting hotter every week. ChatGPT is just one of the latest AI machines that could be poised to take artificial intelligence to the next level. ChatGPT’s is writing content, generating convincing photographs of people, and even coding software programs.
One company produced an AI-generated 20-minute interview between deceased Apple founder Steve Jobs and Joe Rogan.
The realm of possibilities for AI seems limitless, which begs the question: what are the implications of AI for cybersecurity?
Is AI Ready to Take Over the World — Or Your Job?
Artificial intelligence has come a long way and ChatGPT’s capabilities are impressive, but AI isn’t quite ready for prime time. There’s a lot of excitement and fascination with ChatGPT, but when you look at it objectively, it doesn’t do much on its own very well — yet.
Artificial Intelligence machines depend on an overwhelmingly large pool of data to pull from so they can get trained appropriately. And as of today, they still require a good amount of human intervention for training. In terms of intelligence, AI still has a long way to go before it’s ready to run on its own.
That said, things are moving fast and it will be sooner rather than later when a true AI program is up and running on its own.
Is AI a Friend or Foe?
For all the excitement around artificial intelligence, there’s also a lot of trepidation. For the first time, white collar professionals are anxious about being replaced by a robot. Many people are worried that AI could be used for evil. Neither of those concerns is unwarranted.
Right, wrong, or indifferent, any time you have a new technology, it’s going to replace some kind of human labor. Robots replaced humans on a massive scale at automobile assembly lines. Automation software has reduced the need for human labor in nearly every area of business.
At the same time, few of us want to reverse course and give up those technological advances.
When you look at the unemployment rate over the decades, new technologies haven’t created long term impacts on unemployment rates. For some professionals, AI innovations might require pivoting their work, but AI won’t spell the end of most people’s careers.
There will doubtless be a transitional period as AI enters the security industry. But if done well, AI will enhance human labor, not replace it. In the end, if artificial intelligence can protect more people and organizations, that’s ultimately a good thing.
Security Risks of Artificial Intelligence
What about more nefarious implications of artificial intelligence? Already, many students have used ChatGPT to write entire papers for them. AI can create deepfake photos of celebrities — or, potentially, of you — in compromising positions.
For all the promise it brings, AI also creates new threats. As much as we intend to use AI for good in the security arena, there are those who will be determined to use the technology for evil.
Artificial intelligence will introduce more new security threats — and probably at a faster rate than we’ve ever seen before. You can bet your bottom dollar that bad actors are already inventing new ways to leverage artificial intelligence.
For example, there’s an entire industry where floors full of operators are targeting senior citizens as phishing victims. They claim that the target’s granddaughter Emma is in jail and the only way to get her out is to transfer money to an account.
Now imagine these bad actors leverage an AI chatbot to do deep research on Emma, load up 15 fake (but very convincing) pictures of her, and send them to her grandparents.
So, yes, artificial intelligence poses new security risks — and ones that we haven’t even considered yet. If nothing else, AI will certainly uncover security vulnerabilities much easier than today.
Artificial intelligence in Cybersecurity
While there’s reason for concern, there’s also reason for optimism. The good guys can use AI just as effectively as the bad guys. Artificial intelligence can be an incredible tool for white hat hacking and protection. Using AI could allow security professionals to improve protections at exponential rates.
Here are some examples of what true AI in cybersecurity could look like.
Pattern recognition and evaluation
Machine learning is already being used to detect patterns in web application firewalls and in central logging. Currently, a machine collects the patterns and humans teach it how to designate the patterns — alert, benign, or investigate further.
With true AI, artificial intelligence could take that premise and go one step further. AI sees the logs, interprets the patterns, and is then able to determine if it’s a good record or a bad record — with progressively greater levels of confidence. AI could potentially see a new pattern and make an informed evaluation, then place the record in the right category on its own.
Handling incident requests
ChatGPT could be used to respond to users’ incident requests, appropriately provisioning guidance to the user and knowing when and how to escalate the issue appropriately.
Monitoring security videos
Imagine an AI-based security camera monitor that knows the difference between a rogue squirrel in the hallway and a brick that gets thrown through a window — and also knows the appropriate response in each scenario.
As a bonus, I can’t wait until someone legitimately figures out how to effectively kill all email spam with AI! Or better yet, intelligently wastes the time of those damn robocalls so as to make their efforts not worth the cost!
Artificial Intelligence Is Good for Cybersecurity
Cybersecurity is a ripe candidate for the inclusion of AI. But only at a time that makes sense. There are so many functions within the security space, and countless rules to govern the oversight that’s needed for reliable protection.
You don’t want to roll the dice with your security and compliance, especially in this early phase of AI. It would be a mistake to hand over the keys to the kingdom to an AI machine today.
So the conclusion is this: as artificial intelligence comes into its own, the cybersecurity world is going to get a lot darker, but it’s also going to get a lot brighter. That arms race has already begun.
Get equipped with insider expertise
Subscribe to the TCT blog