All Posts

    Noam Morginstin Noam Morginstin
    Sep 06 5 min read

    How generative AI is increasing cyber risk & what to do to make sure you’re ready


    Generative AI is all the buzz these days with the popularity of platforms and tools such as ChatGPT, Bard, Scribe, Jasper, and others experiencing exponential growth.

    This is a technology that has come to the fore with the force of a runaway train that’s bringing us head long into the future at the speed of light. It is transforming everything we do from writing code to making travel plans. And cybersecurity is no exception.

    With its ability to automate tasks, create predictive models, generate simulated environments, and analyze masses of data, even entry-level analysts can now do in seconds what their seasoned colleagues can’t do in days.

    But as is the case with just about every new technology, along with opportunity comes risk.


    The opportunity

    Generative AI can be very powerful for bolstering the organization’s ability to stay ahead of threat actors, with accelerated capabilities for:

    Anomaly detection, making correlations, recognizing patterns, and detecting anomalies that otherwise go unnoticed. The result is threat detection that is elevated to new heights with more risks that can be identified proactively before the damage is done.            

    Model training, augmenting data and creating cybersecurity datasets that reflect real-world scenarios. This enables security teams to overcome the challenge of insufficient data when training detection models.

    Threat actor profiling, analyzing masses of historical security event data to create threat actor profiles for better anticipating the attacker behaviors.

    Attack simulations, for enhancing pen testing by creating attack simulations that mimic the tactics and behaviors of real attackers.

    Malware generation, creating malware that resembles real threats for testing the organization’s detection and response processes and policies, and optimizing where needed.

    And that’s just the tip of the iceberg.


    The heightened risk

    The transformative powers of generative AI, however, are not only clear to security leaders and their teams. Cybercriminals have also taken note, and action.


    External threats

    Hackers are leveraging the technology to automate attacks, evade cybersecurity defenses, and even create malware that mutates in real-time.

    They are also sharing tips on Dark Web forums on how generative AI platforms such as ChatGPT can be used to execute a variety of sophisticated attacks.

    And when it comes to social engineering, they are creating phishing emails that impersonate the style and tone of executives with greater accuracy than ever. This enables them to be more effective in tricking unsuspecting employees into sharing proprietary information or transferring funds to fraudulent accounts in business email compromise schemes.


    Internal threats

    The risk is not relegated to external actors alone. Employees who use sensitive and confidential information in their ChatGPT prompts are putting such data at risk. The generative AI bot can later use this data in its responses to users who should not be exposed to this information.


    Code vulnerability

    Moreover, turning to generative AI for automatically writing code will increase the risk of buggy and exploitable output.

    In one research it was found that 40% of suggestions made by GitHub Copilot, the tool developed by GitHub and OpenAI for turning “natural language prompts into coding suggestions,” resulted in code vulnerabilities.


    Virtual War Room


    Beware and be ready

    Generative AI is here to stay. Yes, on the one hand it promises a cybersecurity upside. But on the other hand, it is also expanding the threat landscape. The key to maximizing reward while minimizing risk is raising awareness and improving preparedness.

    Employees need guidance about how to use secure prompts, and developers need to be aware that they should tread carefully with code that’s been generated automatically.

    But it doesn’t end there. The old axion about cyberattacks being a matter of “when” and not “if” has never been truer. So, no matter how sophisticated AI gets, no matter how much generative AI you use to revolutionize your security infrastructure, processes, and capabilities – nothing can ever displace preparedness.

    This is where Exigence can help.

    With our SaaS-based platform that brings automation and speed to incident response (IR) planning, attack simulations, and resolution, security leaders and their teams can be confident that they are ready for come what may.


    Streamlining IR planning

    The importance of the IR plan cannot be underestimated. It is the strategic playbook that provides critical guidance to responders regarding policies and procedures, so they can contain and resolve an attack as quickly as possible.

    With the Exigence platform, IR plan creation is fully digitized and template driven. The intuitive interface walks users through the different sections of the IR plan, helping them to fill out all the relevant parts quickly and accurately.

    The result is an accurate and actionable plan that accelerates response, remediation, and resolution.


    Simulating attacks with tabletop testing

    The second part of the preparedness equation is performing tabletop exercises to test plans, processes, and procedures, and ensure that everyone knows who does what and how they need to do it.

    The Exigence platform enables teams to gauge how ready they are with playbook driven tabletop simulations, automated alerts regarding upcoming exercises, as well as reminders if they have been missed.


    Accelerating incident response & resolutions

    The platform automatically coordinates teams, tools, and workflows from trigger to lessons learned. It brings structure and clarity during the full lifecycle of incident resolution, and enhances collaboration among all stakeholders with the Exigence Situation Room which brings everyone into one place for clarity and alignment.


    In conclusion

    Indeed, generative AI is poised to usher in a new era of opportunity for innovation, creativity, and productivity. And at the same time as it is sparking imagination, it is also introducing new cyber risks.

    As such, those who are charged with ensuring the security of their organization’s systems, apps, and data need to take heed.

    The key to bringing the promise to life while minimizing the risk is to be prepared with a well-designed IR plan and finely crafted simulations, which together empower the organization to outpace threat actors, no matter what kind of technology they have on their side.


    To learn more about how Exigence can help you be prepared for any kind of attack that’s driven with any kind of technology, we invite you to book a demo by clicking here.


    New call-to-action

    Critical Incident Management major incident management CyberSecurity Incident Response Automating Critical Incident Management

    Critical Incident Management major incident management CyberSecurity Incident Response Automating Critical Incident Management