Generative AI In Cybersecurity: What Should Business Leaders Know? New artificial intelligence (AI) tools help criminals orchestrate elaborate frauds. Earlier this year, thieves made off with $25 million from engineering firm Arup, impersonating the company’s CFO to manipulate an employee into transferring the money. More recently, criminals attempted to steal money and company information from a senior executive at global marketing giant WPP. They used fake audio files and information scraped from the internet to create misleading WhatsApp messages and Teams sessions, pretending to be the firm’s CEO.
These examples are not exceptions – criminals are exploiting generative AI at scale to create fake photos, videos, and voices, impersonating real people. For example, South Africa has experienced a 19% jump in deepfake attacks and a staggering 1,200% jump in the use of deepfakes.
“Generative AI is a very useful tool for criminals,” says Gerhard Swart, Chief Technology Officer at cyber security company, Performanta. “It helps them amplify tactics like phishing scams and social engineering, impersonating real people in ways that can be hard to detect if you’re not vigilant.” However, generative AI is also becoming a crucial tool for security teams, prompting business owners, boards, and executives to invest in these tools to help improve security. When is it the right choice, and what should they ask before they commit?
Generative AI consists of two components: natural language processing (NLP) and content generation.NLP enables AI bots to have elaborate conversations with humans. While digital agents such as Apple’s Siri and Amazon’s Alexa can handle basic commands, NLP-based AIs comprehend detailed statements and can understand follow-up questions. Consequently, it does not take in-depth training to interact with generative AI.
The second component generates well-written and detailed responses. These are not copied from another source, as a search engine might. Instead, generative AI uses predictive technologies to create original text, images, videos, and voices that seem like humans created them. Such features are very dangerous in the wrong hands.
“Generative AI lets us make much more sense of data and much more quickly than other tools. This is particularly valuable for cybersecurity because data overload is a serious barrier for security teams,” says Swart. Companies with 1,000 employees or more juggle at least 70 security products from multiple vendors. Due to this excess of systems and notifications, nearly half of all security alerts go undetected. Investigating security alerts is very time-consuming, and the average security professional only handles around ten per day.
Generative AI is significantly easing that burden through services such as Copilot for Security from Microsoft. Performanta is one of the first security companies to work intensively with this AI. “What used to take hours of human effort can now happen in minutes, even seconds. The AI sifts through alerts and reports, and human experts then ask it questions to aid their investigations. These AIs can also evaluate suspicious files and scripts, and they respond quickly to complex security events,” says Swart.
The value of security-focused generative AI is clear. However, Swart advises that companies pace themselves and look at what their security teams need. “There are many layers in security; you want to use such a tool in the right place. This technology works really well in security operations [SOC] and event management [SIEM]. However, most companies don’t run exclusive SOC and SIEM systems. They usually collaborate with a security provider or consume the security partner’s SOC and SIEM as services.”
Looking to that partner for guidance on where AI can play a role, “The imperative is on your security partners – are they evaluating and using generative AI? Can you access that AI as part of their service to you, or integrate the AI through their APIs? Generative AI is a game changer for security, but you don’t need to own it outright. You gain the benefits without worrying about the risks and costs associated with such a fast-changing innovation. The right partners are the smart way to start leveraging this breakthrough technology,” says Swart.
