Priya PatelTLDR:
Panelists at a recent Verizon event discussed the impact of generative AI on cybersecurity. The discussion focused on the use of generative AI, particularly ChatGPT, in creating spear-phishing attacks that are difficult to detect. The panelists also emphasized the importance of implementing AI governance to assess and control the risks associated with the use of generative AI tools. They highlighted the need for organizations to be cautious about sharing proprietary or sensitive information with these tools and to verify the accuracy of the information generated by generative AI. The panelists also discussed the potential for AI arms races in the future, where countries with resources to develop sophisticated AI programs may be involved in AI attacks.
During the panel discussion, the panelists emphasized that the role of humans in cybersecurity is evolving as the focus shifts from protecting against data loss caused by bad actors to defending against attacks launched by machines. They highlighted the increasing sophistication of generative AI tools, which are making spear-phishing attacks more targeted and convincing. The panelists also highlighted the challenge of identifying these attacks, as generative AI can clean up the grammar and provide a succinct approach that is more clickable to potential targets.
The panelists discussed the importance of implementing AI governance and providing awareness to end-users about the risks and best practices associated with the use of generative AI tools. While the state government does not prohibit the use of generative AI, there are guidelines in place to ensure that sensitive or proprietary information is not shared and that the information generated by these tools is accurate.
The panelists also discussed the potential for AI arms races in the future, with countries that have the resources to develop sophisticated AI programs becoming involved in AI attacks. They emphasized that defending against these attacks will require more than just proofreading phishing emails and that organized crime groups may face challenges in implementing AI attacks due to their loose affiliation.
