Intelligent CIO North America Issue 39 | Page 54

FEATURE : CYBERSECURITY

THERE IS NO “ EASY BUTTON ” IN CYBERSECURITY AND ORGANIZATIONS SHOULD INSTEAD FOCUS THEIR EFFORTS ON DOING THE BASICS WELL AND LEVERAGING TECHNOLOGY – INCLUDING AI – AS PART OF AN OVERALL RISK-BASED SECURITY PROGRAM .

and potentially leave organizations vulnerable to outside exploits .
Generative AI tools are also helping threat actors develop and refine code to assist with ransomware , malware and other related attacks . While most generative AI models are designed to keep users from generating malicious code , the tools are not yet sophisticated enough to block all the prompts that may be used by cybercriminals .
Because generative AI tools are constantly learning from the information that they are fed , there is a risk that cybercriminals may also begin to corrupt AI models . By manipulating data fed into Generative AI models , threat actors could tamper with it to the point where it begins to produce incorrect outputs , biased results and other undesirable or unreliable outcomes .
The new cyber craze
There is a considerable opportunity for generative AI as an assistive form of technology , augmenting and assisting in the complex role of the security analyst rather than eliminating it and helping analysts build efficiencies in many key areas of their work .
Generative AI also offers exciting possibilities to help communicate complex security concepts to influential stakeholders , like company executives and board members , that may not speak the language of cybersecurity in the same way that analysts do .
There is no denying that generative AI has massive potential to be used for good in the industry . However , as is often the case in cybersecurity , too many vendors are overhyping its current capabilities .
Before the advent of generative AI , the industry was fixated on extended detection and response ( XDR ),
54 INTELLIGENTCIO NORTH AMERICA www . intelligentcio . com