The increasing prevalence of AI technologies have raised a variety of concerns among security leaders. Platforms such as ChatGPT can automate previously laborious tasks, but also carry potential cyber risks for organizations.
RPLU and Vice President of Cyber Underwriting Peter Hedberg, Threat Intelligence Manager Ryan Bell and Chief Information Security Officer Greg Crowley led a Corvus webinar discussing the implications of AI platforms such as ChatGPT. The platform grew quickly, reaching one million users in less than a week, raising concerns over who was accessing the platform and for what purposes.
One concern discussed in the webinar was the ability to create phishing content via ChatGPT. The system works better at creating content than similar platforms, making it easier for threat actors to create believable phishing content. The platform eventually blocked the ability to create ransomware using ChatGPT.
There are also concerns with utilizing ChatGPT to complete work tasks. Employees may place sensitive information into ChatGPT to draft an email or other business documents. Additionally, the information ChatGPT provides may not always be accurate, raising the possibility of spreading misinformation.
Security leaders should provide guidelines to their employees on the acceptable use of ChatGPT and similar tools within the workplace.