Published 02/23/24
Proposed by HARMAN
Originally published on the HARMAN Newsroom
For cybersecurity, artificial intelligence (AI) is both a shield and a sword. By implementing AI-powered tools, businesses are better protected against potential cyber threats. However, by arming themselves with these same solutions, attackers are finding new ways to breach defenses and compromise key systems.
The result is a protective paradox: even as AI’s cybersecurity risks increase, they represent the best defense against itself. Here’s what businesses need to know to adapt to the new AI reality.
Slash and Learn: the emerging risks of AI
The past year has brought AI into the spotlight, as large language models (LLMs) and tools like ChatGPT and DALL-E have captured consumer attention. As noted by Thomas Schmitt, global director of security at Anheuser-Busch InBev and moderator of the recent CES technology conference, Our newest cyber threat is AI and AI is our greatest defense, “AI itself is not new, but LLMs and generative AI have boosted creativity.” This creativity, however, is not reserved for those with good intentions.
Just as AI makes it possible to write new stories or create new art, it also opens the door to new vectors of cyberattacks capable of bypassing current IT defenses.
According to Dr. Amit Elazari, co-founder and CEO of OpenPolicy, “the biggest threat is not rapid injection or data poisoning. Rather, it goes back to the foundations of defense and attack: attackers are always one step ahead. » Attackers have the luxury of experimenting with new AI technologies to see what works and what doesn’t, while defenders are forced to react.
The evolving nature of new tools also creates AI cybersecurity risks. Simply put, these solutions can learn from their mistakes, meaning that when one attack fails, the next one will incorporate data from that failure to improve results. In practice, this can take the form of advanced social engineering. Using available public data, knowledge of human behavior, and past actions of defenders, attackers can leverage AI to create advanced phishing and ransomware campaigns that are more likely to deceive even experienced users.
Keep humans in the know
According to Nicholas Parrotta, chief digital and information officer and president of Digital Transformation Solutions at HARMAN, “AI models are often wrong. We need humans to be involved. For example, we have just launched a broad language model for health, and doctors are at the center of this model. »
In fact, without humans, the risk increases. What we are seeing today is the explosion of what AI means. It is beyond an abstract computer solving problems, it is a car that drives itself or a process that automates itself. Ultimately, AI is a tool for humans. If we exclude humans from the circuit, we increase the threat level.
Use the right tools
“From a HARMAN perspective, we are seeing the rise of simple, intelligent and secure experiences,” Parrotta said. This is not an either/or situation; users want all three components simultaneously. Companies must therefore deploy tools that meet these expectations. For example, Digital Transformation Solutions from HARMAN can help businesses combine physical and digital resources to achieve dynamic results. HARMAN has also partnered with NVIDIA to develop AI-based solutions to detect and prevent cyberattacks.
Double the defense
Companies must redouble their efforts when it comes to security by design and red team drills, which the National Institute of Standards and Technologies defines as an exercise to demonstrate real-world situations in order to better identify security capabilities. Technology will continue to evolve and businesses need to be part of the conversation.
Opposites attract
AI has arrived. Generative tools have become mainstream and LLMs are making inroads into company-wide business strategy.
But the advantages come with disadvantages. Malicious actors are now using AI to compromise key operations and exploit the learning capabilities of these solutions to stay one step ahead of security teams. The paradox? By reducing AI-related cybersecurity risks, businesses can adopt intelligent technologies to detect potential issues, take immediate action, and give security professionals time to respond.
Curious about the emerging role of AI security? Check out the full CES session here.
By Doug Bonderud
HARMAN
HARMAN
ABOUT HARMAN
HARMAN International (harman.com), a wholly owned subsidiary of Samsung Electronics Co, LTD., designs and develops connected products and solutions for automobile manufacturers, consumers and businesses worldwide, including connected automotive systems, audio-visual products and solutions business automation; and services supporting the Internet of Things. With leading brands such as AKG®, Harman Kardon®, Infinity®, JBL®, Lexicon®, Mark Levinson® and Revel®, HARMAN is admired by audiophiles, musicians and the entertainment venues where they perform around the world entire. More than 25 million automobiles on the road today are equipped with HARMAN audio and connected car systems. Our software services power billions of connected, integrated and secure mobile devices and systems across all platforms, from work and home to car and mobile. HARMAN employs approximately 30,000 people in America, Europe and Asia. In 2017, HARMAN became a wholly owned subsidiary of Samsung Electronics.
More than HARMAN