Will AI make organizations more secure?

ChatGPT, the dialogue-based AI chatbot capable of understanding natural human language, has become another icon in the disruptor ecosystem. Gaining over 1 million registered users in just five days, it has become the fastest growing tech platform ever.

ChatGPT generates impressively detailed human-like written text and thoughtful prose, following a text input prompt. In addition, ChatGPT can write and hack code, which is a potential major headache from an infosec point of view and has set the Web3 community on fire. They are reeling from the implications and the sheer ingenuity of this AI chatbot that can analyze code and detect vulnerabilities in seconds.

Following the hype around ChatGPT, the race is now on between OpenAI’s Chat GPT and Google’s LaMDA to be the market-leading natural language processing (NLP) search tool for users and corporations moving forward. OpenAI is a newbie with $1 billion in funding and a $20 billion valuation, as opposed to Google’s towering $281 billion revenue. However, Google must rapidly innovate and adapt or risk being left behind, an example being TikTok and Meta, with the short format of TikTok leading the zeitgeist to become the most downloaded app, beating Facebook in 2022. Google is taking this seriously, having announced a ‘code red’ to develop a new AI-based search engine product to counter OpenAI’s land grab. Ironically, ChatGPT uses the same conversational AI platform developed by Google's engineers in 2017.

How will AI impact cybersecurity?

How this will affect cybersecurity in the future is unknown, but there are some assumptions.

In the long term, this will be a net positive for the future of cybersecurity if the necessary checks and balances are in place. In the short term, AI will expose vulnerabilities which will need to be addressed, as we could see a potential spike in breaches.

AI that writes and hacks code could spell trouble for enterprises, systems and networks. Current cybersecurity is already failing with exponential rises in hacks across every sector, with 50% more hacks in 2022 than in 2021.

With AI maturing, the use cases can be positive for the enterprise security and development workflow, which will increase the defense capabilities above the current (existing) security standards. Solutions that use AI as part of a breach detection system can monitor all networked devices and smart contracts in real time. The benefits of AI for cybersecurity include:

AI can help organizations improve their cybersecurity defences by enabling them to better detect, understand and respond to potential threats. AI can also help organizations respond to and recover from cyberattacks more quickly and effectively by automating tasks such as incident response and investigation. It can free up human resources to focus on more high-level, strategic tasks.
By analyzing large volumes of data and using advanced machine learning algorithms, AI could (in the future) identify patterns and trends that may indicate a cyberattack is imminent, allowing organizations to take preventive measures before an attack occurs, minimizing the risk of data breaches and other cyber incidents.
The adoption of AI could help organizations stay one step ahead of potential attacks and protect their sensitive data and systems. By integrating AI into an organization's production pipeline to create smarter and more robust code, with developers instructing AI to write, generate and audit (existing programming) the code.
AI currently cannot replace developers as it cannot understand all of the nuances of systems (and business logic) and how they work together. Developers will still need to read and critique the AIs output and learning patterns, looking for weak spots. AI will positively impact the CISO and IT team’s ability to monitor in real time. Security budgets will be reduced, cybersecurity teams will also reduce in numbers. Only those who can work with and interpret AI will be in demand.

However, bad actors can increase the attack vector, working smarter and a lot quicker by instructing AI to look for exploits and vulnerabilities within existing code infrastructure. The cold hard truth could mean that thousands of platforms and smart contracts could suddenly become exposed, leading to a short-term rise in cyber breaches.

As ChatGPT and LaMDA are reliant on large amounts of data to function effectively, if the data used to train these technologies is biased or incomplete, it could lead to inaccurate or flawed results: For example, Microsoft’s TAY AI turned evil within hours. Solutions that use AI should monitor the metadata of the known operational baselines of devices and systems, ensuring they have not been tampered with in any way, allowing them to detect behavioral changes to devices and networks, referencing known industry baselines (OS and firmware updates), rather than learning and forming decisions based upon diverse individual opinions.
Another issue is that AI is not fool proof and can still be vulnerable to cyberattacks or other forms of manipulation. This means that organizations need to have robust security measures in place to protect these technologies and ensure integrity.
It is also important to consider the potential ethical implications of using ChatGPT and LaMDA for cybersecurity. For example, there may be concerns about privacy and the use of personal data to train these technologies or about the potential for them to be used for malicious purposes. Solutions that only monitor metadata and behavioral changes in devices and smart contracts and not any kind of personal identifiable information (PII) are crucial.

AI will require enterprises to up their game. They will have to implement and use AI services within their security QA workflow processes prior to launching any new code/programs. AI is not a human being. It will miss basic preconceptions, knowledge and subtleties that only humans see. It is a tool that will improve vulnerabilities that are coded in error by humans. It will seriously improve the quality of code across all web2 and web3 organizations. The current breach detection time as measured by IBM, according to IBM's 2020 Data Security report, is up to 280 days, on average. Using AI systems as part of an enterprise defense-in-depth posture, breach detection times can be reduced to less than 1 second, which changes the game.

It is worth noting that AI is a relatively new technology and is still being developed and refined, therefore we can never 100% trust its output. Human developers will always be needed to ensure that code is robust and meets an organization's business requirements. However, AI is being used by both good and bad actors in an effort to give them the edge. With regulation working several years behind technology, we need organizations to implement a cyber-secure mentality across their workforces in order to combat the increasing number of evolving hacks. The genie is now out of the bottle and if one side isn't using the latest technology, they're going to be in a losing position. So if there's an offensive AI out there, enterprises will need the best AI tool with which to defend themselves. It's an arms race as to who has the best tool.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.