Discover more from The Threat Prompt Newsletter
TP#3 The CISO view on AI
Plus: GPT3 Enriching SOC tickets
Welcome to the third edition - let’s get straight to this week’s ideas, where AI and Cybersecurity intersect…
Nvidia recently announced a partnership with Deutsche Bank to bring AI to financial services, including real-time risk valuation and model backtesting. In this unrelated interview, Nvidia’s CSO does a good job describing the shift that AI brings to the interplay between defenders and attackers.
The U.S. Army previously put AI security cameras to the test using a squad of Marines to build the algorithms and evade detection. The evasion tactics are well worth reading!
The US and EU joined forces to advance AI research and privacy-protecting tech through an expert-filled administrative arrangement. This increases the scope of previous efforts, with focus areas:
extreme weather and climate forecasting
emergency response management
health and medicine improvements
electric grid optimisation
No direct cyber call out, but protecting AI decision-making from attack will quickly become a thematic issue.
NATO ran a simulated experiment late last year that saw six teams of cyber defenders from NATO allies tasked with setting up computer-based systems and power grids at an imaginary military base and keeping them running during a cyberattack. If hackers interfered with system operations or the power went down for more than 10 minutes, critical systems could go offline.
Orca Security has already integrated OpenAI’s GPT3 API into its SOC (Security Operations Centre) platform. This feels like a very natural use case. The process takes a security alert and uses AI to generate a remediation plan through natural language generation.
Don’t code but have an idea for an AI tool? Don’t give up. In this very accessible conversation, Danny Richman describes how he builds AI-powered apps with no-code or low-code tools. Danny hit the news recently for making DannyBot, a low-code solution to help his dyslexic landscaping friend write professional emails to his clients.
Click the emoji that best captures your reaction to this edition…
I just pre-launched a service to help Indie Hackers and Solopreneurs navigate security due diligence by Enterprise clients: Cyber Answers for Indie Hackers & Solopreneurs. If you know someone who might benefit, please forward this note.
New To This Newsletter?
Subscribe here to get what I share next week.