Why generative AI is a double-edged sword for the cybersecurity sector

2023/08/28 Innoverview Read

Much has been made of the potential for generative AI and large language models (LLMs) to upend the security industry. On the one hand, the positive impact is hard to ignore. These new tools may be able to help write and scan code, supplement understaffed teams, analyze threats in real time, and perform a wide range of other functions to help make security teams more accurate, efficient and productive. In time, these tools may also be able to take over the mundane and repetitive tasks that today’s security analysts dread, freeing them up for the more engaging and impactful work that demands human attention and decision-making. 

On the other hand, generative AI and LLMs are still in their relative infancy — which means organizations are still grappling with how to use them responsibly. On top of that, security professionals aren’t the only ones who recognize the potential of generative AI. What’s good for security professionals is often good for attackers as well, and today’s adversaries are exploring ways to use generative AI for their own nefarious purposes. What happens when something we think is helping us begins hurting us? Will we eventually reach a tipping point where the technology’s potential as a threat eclipses its potential as a resource?

Understanding the capabilities of generative AI and how to use it responsibly will be critical as the technology grows both more advanced and more commonplace. 

Using generative AI and LLMs 

It’s no overstatement to say that generative AI models like ChatGPT may fundamentally change the way we approach programming and coding. True, they are not capable of creating code completely from scratch (at least not yet). But if you have an idea for an application or program, there’s a good chance gen AI can help you execute it. It’s helpful to think of such code as a first draft. It may not be perfect, but it’s a useful starting point. And it’s a lot easier (not to mention faster) to edit existing code than to generate it from scratch. Handing these base-level tasks off to a capable AI means engineers and developers are free to engage in tasks more befitting of their experience and expertise. 

(Copyright: VentureBeat Why generative AI is a double-edged sword for the cybersecurity sector | VentureBeat)