How can we incorporate AI into our security operations, security investigations or security controls management?

I think all discussions about AI need to start with a definition: what do we mean by AI? Otherwise, it’s a vague term, used very broadly. If we mean machine learning, then of course, that is already ubiquitous in cybersecurity tools, and its use will only increase over time.

If we mean large language models, then my experience of them is that they work best as a tool for creativity as they can quickly assess and combine information in surprising ways. But they cannot be used for gathering factually accurate information — you always have to verify all of their output. They also cannot reason logically when given natural language input; for instance, I find them to be prone to “closed world” assumptions. So, I use the language models a lot, but as a way to get a quick initial first draft analysis or synthesis based on input data, or to generate fresh insights. Thereafter, a human has to take over.

I’m interested to hear from anyone using AI profitably in cybersecurity (beyond using tools that have ML and/or NLP built in).