GenAI is a dual-edged sword. On the one hand, it is a security risk, on the other it promises improved threat detection and predictive capabilities
GenAI brings a paradigm shift in cybersecurity, with its capabilities to emulate human understanding, and learnings and the promise of both enhancing IT security and preventing new potential vulnerabilities. It can be a partner in protecting IT environments while being used to create new attack vectors. The stakes for IT and security are high, posing the question of what organizations need to do to unlock value responsibly.
The Dell Technologies Generative AI Pulse Survey reveals that 37% of IT decision-makers report some organizational hesitancy when it comes to GenAI adoption. Security concerns are among the top five contributors to hesitancy toward GenAI implementation. As with any emerging technology, there are risks we must manage while making sure these technologies reflect our human values. At the same time, GenAI also offers a great deal in helping us protect our IT environments.
Addressing GenAI risks
As the capabilities of GenAI expand, security is a top-of-mind for everyone. Hackers can use the speed and automation in which GenAI works, uncovering vulnerabilities faster, evolving malware in real-time, and building better phishing emails and digital spoofing. According to Dell Technologies Innovation Index report 2023, only 34% of Indian businesses are currently employing a holistic end-to-end security strategy integrating both hardware- and software-based protections. GenAI systems require proper security measures to help from becoming the target of attacks.
Securing GenAI begins by implementing an infrastructure rooted in trust, starting at the device level and spanning to the data and user. The goal is to have robust access control measures that prevent damaging access and potential misuse of the system. To secure data, capabilities such as data classification, encryption and secure data storage and transmission need to be in place. Human involvement is crucial for regular audits, identifying system anomalies, mitigating bias, and adhering to ethical guidelines.
GenAI & cybersecurity
While the industry works to address the risks of GenAI, it holds promise to become an ally in cybersecurity, opening avenues to help better protect organizations in the face of threats. As GenAI analyzes vast amounts of security data for an enterprise, makes predictions and is continuously learning, cybersecurity teams can better address threats. GenAI can then predict future threats or identify vulnerabilities since it learns from past incidents and threat intelligence feeds.
Automation can transform how we approach security, especially in the prevention and detection control areas. By automating threat detection, GenAI reduces the time to discover and respond to attack attempts. Automating routine cybersecurity tasks, such as incident reporting or threat-sharing efforts, allows security teams to focus on more strategic tasks. Professionals work on what matters the most with faster access to insights they can act on.
Content creation may not be the first feature that comes to mind when one thinks about GenAI and cybersecurity, but this is a relevant capability for security awareness training. Leveraging GenAI for personalized training modules, using user roles, past behaviours, and common threats can reduce human error, a key factor in security incidents.
An optimistic view
Throughout human history, we’ve managed the risk of innovation while advancing human progress. The key lies in using its benefits while proactively and vigilantly addressing the risks. Robust security measures, continuous monitoring and a flexible, ever-evolving approach to data privacy and ethics are recommended. As we dive into the GenAI era, the relationship between AI and cybersecurity will continue to be one of symbiotic evolution.
(The writer is VP, Infrastructure Solutions Group, Dell Technologies India, views are personal)