Generative AI was apical of caput astatine the ISC2 Security Congress league successful Las Vegas successful October 2024. How overmuch volition generative AI alteration what attackers — and defenders — tin do?
Alex Stamos, CISO astatine SentinelOne and prof of machine subject astatine Stanford University, sat down with TechRepublic to sermon today’s astir pressing cybersecurity concerns and however AI tin some assistance and thwart attackers. Plus, larn however to instrumentality afloat vantage of Cybersecurity Awareness Month.
This interrogation has been edited for magnitude and clarity.
When tiny oregon mean businesses look ample attackers
TechRepublic: What is the astir pressing interest for cybersecurity professionals today?
Stamos: I’d accidental the immense bulk of organizations are conscionable not equipped to woody with immoderate level of adversary they’re facing. If you’re a tiny to mean business, you’re facing a financially motivated adversary that has learned from attacking ample enterprises. They are practicing each azygous time breaking into companies. They person gotten rather bully astatine it.
So, by the clip they interruption into your 200-person architecture steadfast oregon your tiny determination hospital, they’re highly good. And successful the information industry, we person not done a bully occupation of gathering information products that tin beryllium deployed by tiny determination hospitals.
The mismatch of the accomplishment sets you tin prosecute and physique versus the adversaries you’re facing is faced by astir each level astatine the ample enterprise. You tin physique bully teams, but to bash truthful astatine the standard indispensable to support against the truly high-end adversaries of the Russian SVR [Foreign Intelligence Service] oregon the Chinese PLA [People’s Liberation Army] and MSS [Ministry of State Security] — the kinds of adversaries you’re facing if you’re dealing with a geopolitical menace — is highly hard. And truthful astatine each level you’ve got immoderate benignant of mismatch.
Defenders person the vantage successful presumption of generative AI use
TechRepublic: Is generative AI a crippled changer successful presumption of empowering adversaries?
Stamos: Right now, AI has been a nett affirmative for defenders due to the fact that defenders person spent the wealth to bash the R&D. One of the founding ideas of SentinelOne was to usage what we utilized to telephone AI, instrumentality learning, to bash detection alternatively of signature-based [detection]. We usage generative AI to make efficiencies wrong SOCs. So you don’t person to beryllium highly trained successful utilizing our console to beryllium capable to inquire basal questions similar “show maine each the computers that downloaded a caller portion of bundle successful the past 24 hours.” Instead of having to travel up with a analyzable query, you tin inquire that successful English. So defenders are seeing the advantages first.
The attackers are starting to follow it and person not got each the advantages yet, which is, I think, the scarier part. So far, astir of the outputs of GenAI are for quality beings to read. The instrumentality astir GenAI is that for ample connection models oregon diffusion models for images, the output abstraction of the things that a connection exemplary tin enactment retired that you volition spot arsenic morganatic English substance is efficaciously infinite. The output abstraction of the fig of exploits that a CPU volition execute is highly constrained.
SEE: IT managers successful the UK are looking for professionals with AI skills.
One of the things that GenAI struggles with is structured outputs. That being said, that is 1 of the precise aggravated areas of probe focus: structured inputs and outputs of AI. There are each kinds of legitimate, bully purposes for which AI could beryllium utilized if amended constraints were placed connected the outputs and if AI was amended astatine structured inputs and outputs.
Right now, GenAI is truly conscionable utilized for phishing lures, oregon for making negotiations easier successful languages that ransomware actors don’t talk … I deliberation the existent interest is erstwhile we commencement to person AI get truly bully astatine penning exploit code. When you tin driblet a caller bug into an AI strategy and it writes exploit codification that works connected fully-patched Windows 11 24H2.
The skills indispensable to constitute that codification close present lone beryllium to a mates 100 quality beings. If you could encode that into a GenAI exemplary and that could beryllium utilized by 10,000 oregon 50,000 violative information engineers, that is simply a immense measurement alteration successful violative capabilities.
TechRepublic: What benignant of risks tin beryllium introduced from utilizing generative AI successful cybersecurity? How could those risks beryllium mitigated oregon minimized?
Stamos: Where you’re going to person to beryllium cautious is successful hyper automation and orchestration. [AI] usage successful situations wherever it’s inactive supervised by humans is not that risky. If I’m utilizing AI to make a query for myself and past the output of that query is thing I look at, that’s nary large deal. If I’m asking AI “go find each of the machines that conscionable this criteria and past isolate them,” past that starts to beryllium scarier. Because you tin make situations wherever it tin marque those mistakes. And if it has the powerfulness to past autonomously marque decisions, past that tin get precise risky. But I deliberation radical are good alert of that. Human SOC analysts marque mistakes, too.
How to marque cybersecurity consciousness fun
TechRepublic: With October being Cybersecurity Awareness Month, bash you person immoderate suggestions for however to make consciousness activities that truly enactment to alteration employees’ behavior?
Stamos: Cybersecurity Awareness Month is 1 of the lone times you should bash phishing exercises. People that bash the phishing worldly each twelvemonth physique a antagonistic narration betwixt the information squad and folks. I deliberation what I similar to bash during Cybersecurity Awareness Month is to marque it amusive and to gamify it and to person prizes astatine the end.
I deliberation we really did a truly bully occupation of this astatine Facebook; we called it Hacktober. We had prizes, games, and t-shirts. We had 2 leaderboards, a tech 1 and a non-tech one. The tech folks, you could expect them to spell find bugs. Everybody could enactment successful the non-tech side.
If you caught our phishing emails, if you did our quizzes and such, you could enactment and you could get prizes.
So, one: gamifying a spot and making it a amusive happening due to the fact that I deliberation a batch of this worldly ends up conscionable feeling punitive and tricky. And that’s conscionable not a bully spot for information teams to be.
Second, I deliberation information teams conscionable request to beryllium honorable with radical astir the menace we’re facing and that we’re each successful this together.
Disclaimer: ISC2 paid for my airfare, accommodations, and immoderate meals for the ISC2 Security Congres lawsuit held Oct. 13 – 16 successful Las Vegas.
English (US) ·