When OpenAI revealed his The ChatGPT program made AI applications accessible to almost everyone in November 2022. The chatbot made AI tangible for ordinary people, not just data scientists or computer engineers.
But not everyone wants to use these tools for benign purposes. Earlier this year, a finance employee in Hong Kong transferred more than $25 million from scammers using deepfake technology to impersonate the company’s CFO on a video call.
“These are things that keep me up at night,” Maria Milosavljevic, head of information security at ANZ Banking Group, told a news conference. Fortune virtual conversation “Unfortunately, AI, which is incredibly useful and powerful, is available to both our friends and our enemies.”
The event, organized in partnership with Accenture, explored the interaction between new generative AI tools and cybersecurity.
“We are seeing an increase in the scale and volume of attacks across the board,” said Scott Wilkie, global head of emerging technology security at Accenture. Consulting firm sees ‘doubling’ of ransomware attacks and a 1,000% increase in phishing attacks over the past 12 months.
“Generative AI and new large-scale language models enable more sophisticated, higher-volume attacks,” he said.
Calvin Ng, director of the Cyber Security Programme Centre at the Cyber Security Agency of Singapore, acknowledged that the frequency and severity of cyber attacks had increased. He said proper risk assessment and management were needed.
“You can easily create a phishing email, you can easily automate malware,” Ng explained. “You don’t have to be a cybersecurity professional; you can create malware using ChatGPT. It’s simplified; doing evil is simplified today.”
Ng warned of the risk of “data poisoning,” where an adversary targets the training set behind an AI mode. Organizations need to consider the implications of deploying AI that can “mine information everywhere and produce insights freely without consulting anyone,” and put safeguards in place to prevent data poisoning, he said.
Wednesday, Microsoft announcement he had discovered a way to jailbreak a generative AI model, causing it to ignore its guardrails and generate content related to explosives, drugs, and politics.
Panelists also stressed that AI can help, not just hinder, cybersecurity teams.
“We receive more than 10 billion data events every day. We can’t have humans looking at everything, which is why 35% of our incident response has already been automated using machine learning and AI,” Milosavljevic said.
Cybersecurity as a “team sport”
As attacks increase, cybersecurity is no longer just an IT initiative. On Wednesday, speakers stressed that cybersecurity is not just an enterprise-wide initiative, but an effort that involves multiple parties, including national governments.
“We’ve always had the adage that cybersecurity should be a team sport,” Wilkie said. “I’ve certainly never seen a time in the last five years where there’s been greater or better intentioned collaboration.”
For example, about forty countries are part of an international pact to agree not to give in to the demands of ransomware attackers. Members also agree to work together to undertake research projects aimed at strengthening resilience.
Governments also care about it for reasons of national security and geopolitics. If technology can help a country grow its economy, it must do so in a “balanced environment,” Ng said.
Companies, especially those not in heavily regulated industries, really need to adopt “good basic cyber hygiene,” said Jennifer Tiang, regional cyber practice leader for Asia at Willis Towers Watson. She compared it to home security: Having the most sophisticated camera systems doesn’t mean much if homeowners choose not to lock their doors.
“The risks they face are very sophisticated,” she said. “They need to get the basics right and invest where maybe there is minimal investment.”
Fortune is bringing Brainstorm AI to Asia for the first time, bringing together executives, founders, venture capitalists and regulators from around the world in Singapore from July 30-31. register here!
