By Manish Gupta
GenAI brings a paradigm shift in cybersecurity, with its capabilities to emulate human understanding, learnings and the promise of both enhancing IT security and preventing new potential vulnerabilities. It can be a partner in protecting IT environments while being used to create new attack vectors. The stakes for IT and security are high, posing the question of what organizations need to do to unlock value in a responsible way.
The Dell Technologies Generative AI Pulse Survey reveals 37% of IT decision makers report some organizational hesitancy when it comes to GenAI adoption. Security concerns are among the top five contributors to hesitancy toward GenAI implementation. As with any emerging technology, there are risks we must manage while making sure these technologies reflect our human values. At the same time, GenAI also offers a great deal in helping us protect our IT environments.
Addressing GenAI risks
As the capabilities of GenAI expand, security is a top-of-mind for everyone. Hackers can use the speed and automation in which GenAI works, uncovering vulnerabilities faster, evolving malware in real-time, and building better phishing emails and digital spoofing. According to Dell Technologies Innovation Index report 2023, only 34% of Indian businesses are currently employing a holistic end-to-end security strategy integrating both hardware- and software-based protections. GenAI systems require proper security measures to help from becoming the target of attacks. These measures can reduce opportunities for fraud and new attack surfaces brought on by the rise of deepfakes.
Securing GenAI begins by implementing an infrastructure rooted in trust, starting at the device level and spanning all the way to the data and user. The goal is to have robust access control measures that prevent damaging access and potential misuse of the system. To secure data, capabilities such as data classification, encryption and secure data storage and transmission need to be in place. Human involvement is crucial for regular audits, identifying system anomalies, mitigating bias, and adhering to ethical guidelines.
GenAI bolsters cybersecurity
While industry works to address the risks of GenAI, it holds promise to become an ally in cybersecurity, opening avenues to help better protect organizations in the face of threats. As GenAI analyzes vast amounts of security data for an enterprise, makes predictions and is continuously learning, cybersecurity teams can better address threats. GenAI can then predict future threats or identify vulnerabilities, since it learns from past incidents and threat intelligence feeds.
Automation can transform how we approach security, especially in the prevention and detection control areas. By automating threat detection, GenAI reduces the time to discover and respond to attack attempts, mitigating potential damage. Automating routine cybersecurity tasks, such as incident reporting or threat sharing efforts, allows security teams to focus on more strategic tasks. Professionals work on what matters the most with faster access to insights they can act on.
Content creation may not be the first feature that comes to mind when one thinks about GenAI and cybersecurity, but this is a relevant capability for security awareness training. Leveraging GenAI for personalized training modules, using user roles, past behaviors, and common threats can reduce human error, a key factor in security incidents.
An optimistic view
GenAI is a dual-edged sword for cybersecurity. On the one hand, it brings new challenges that require us to rethink and evolve our cybersecurity strategies. But it also promises improved threat detection and response, predictive capabilities, and operational efficiency.
Throughout human history, we’ve managed the risk of innovation while advancing human progress. At Dell Technologies, dealing with technology in a responsible way is the foundational element of what we do. The key lies in using its benefits while proactively and vigilantly addressing the risks. Robust security measures, continuous monitoring and a flexible, ever-evolving approach to data privacy and ethics are recommended. As we dive into the GenAI era, the relationship between AI and cybersecurity will continue to be one of symbiotic evolution.
(The author is Manish Gupta, Vice President, Infrastructure Solutions Group, Dell Technologies India, and the views expressed in this article are his own)