Plaintext: State of Generative AI
Welcome to Dark Reading in Plaintext, brought to your inbox this week by Wiz . In this issue of Plaintext, we look at how much has changed since ChatGPT made its debut a year ago. We also encourage healthy cybersecurity hygiene and awareness in light of Computer Security Day. If you enjoy Plaintext, please share with friends and colleagues!
ChatGPT Turns One: When ChatGPT launched a year ago on Nov 30, it was a fun toy. People asked ChatGPT random questions and laughed about the answers and marveled at how much it could do. And then came the doubts . ChatGPT could potentially leak company information. If ChatGPT was so good with natural language, would that mean better attacks and the end of phishing emails with misspellings and grammatical mistakes ? GitHub's Copilot opened the door to many developers using generative AI to write code , prompting concerns the code may be insecure , or violated licenses.
“Despite the attention around genAI as an enabler for less skilled teams, generative AI will actually be most beneficial for practitioners with experience," said Forrester principal analyst Allie Mellen. Forrester's latest AI pulse survey found that AI decision-makers believe that the IT department — including security — will get the most value out of generative AI compared to other departments within the enterprise.
Given the nature of hallucinations and incorrect responses, genAI functions best as a tool to be validated and then leveraged — not trusted outright. Those with the most experience will be able to qualify and execute based on the results faster and will see the most gains because of it. (Allie Mellen , a principal analyst with Forrester )
Security companies went all-in on AI, adding generative AI to SIEM , code scanning and vulnerability remediation tools, threat detection platforms, and to tools for identifying phishing messages , to name a few. Amazon Web Services embraced AI in a major way at re:Invent 2023 . Microsoft also made a splash at Microsoft Ignite in 2023 with a host of new generative and traditional AI capabilities to Azure and added Security Copilot to Microsoft Entra, a cloud-based identity and access management service.
All this happened in one short year. What is ahead for next year? More tools, more sophisticated and capable large language models, more integrations to start. Beyond that, stay tuned.
Dark Reading in Plaintext is brought to you by Wiz
The 2023 Cloud Vulnerability Report
Cracking the code to vulnerability management. Vulnerability management in the cloud is no longer just about patches and fixes. In this latest report, the Wiz Security Research team put vulnerability management theory into practice using recently identified vulnerabilities as examples. Download the 2023 Cloud Vulnerability Report today.
International Computer Security Day: We love made-up holidays (Did you know Nov. 23 is Fibonacci Day? We did not!) and didn't want International Computer Security Day to feel neglected. Much like the goals of Cybersecurity Awareness Month in October, this unofficial holiday (around since 1988!) encourages people to secure their computers and their personal information . With many people taking advantage of shopping deals online right now, and the growing volume of phishing, ransomware, and malware attacks, paying attention to cybersecurity hygiene is worth it . Use a password manager, enable multifactor authentication (or passkeys where available), invest in security tools, and get familiar with what attacks look like. And when something goes wrong, admit it — so that IT and security can take steps to contain the damage.
What We Are Reading
领英推荐
What We Heard On-Air
Tune in to our on-demand webinar?"Preventing Attackers from Navigating Your Enterprise Systems " to hear how to limit users from accessing systems or gaining privileges that their roles don’t require them to have.
“Ephemeral (one-time use) passwords are a Holy Grail when it comes to securing accounts. This is not something an organization should ever try to DIY.” Jake Williams, cybersecurity expert
From Our Library
Check out some of the latest reports from our Dark Reading Library .
On That Note
Being a CISO is hard . Are CISOs there just to be blamed when something goes wrong ? Is there a target on the CISO's back ? How much authority does the CISO really have ?
Send us your most creative cybersecurity caption for this month's Name that Toon contest before Dec. 13. [1] Email [email protected] with the subject line "Dark Reading November Toon" [2] Send via social media platform of your choice: X (formerly known as Twitter), Facebook , and LinkedIn .
Dark Reading in Plaintext is brought to you by Wiz
Partner Alliance Marketing Operations at Data Dynamics
7 个月The concerns raised about generative AI and its implications for cybersecurity are indeed thought-provoking. As we navigate the integration of AI into various security tools and platforms, it's crucial to maintain a balanced approach, leveraging AI's capabilities while ensuring thorough validation and scrutiny. Looking forward to seeing how these technologies continue to shape the cybersecurity landscape in the coming year.
Forrester Analyst for SecOps, nation state threats, AI/ML in security tools
11 个月Super cool, thanks for sharing and for including my thoughts.
Great dad | Inspired Risk Management and Security Profesional | Cybersecurity | Leveraging Data Science & Analytics My posts and comments are my personal views and perspectives but not those of my employer
11 个月The Wiz vulnerability report has very insightful conclusions for VM Teams. Encourage to read and make the most to leverage for future activities and decisions.
Business Cyber Risk Expert | NIST CSF & Zero Trust Assessment Leader | CISO Advisor | IT Market Analyst | Polymath-Autodidact
12 个月Irresponsible intelligence = masked ignorance
Vice President of Professional Services | LTC, TXSG, T-3 Operations Staff Officer
12 个月Oracle is all in with Gen AI also!