GenAI introduces dual challenges for defenders and attackers, turning the CISO role upside down amidst AI-driven cybersecurity threats.
In the wild, psychedelic circus of cybersecurity, every new trick brings a fresh wave of digital madness. Generative AI, the latest act in this cyber carnival, is flipping the script on both the threat landscape and the tools we use to tame it.
“Gen AI makes things easier for both the defenders and the attackers,” declares Subha Tatavarti, Wipro's chief technology officer, at a madhouse panel on cybersecurity threats in the AI era at the Fortune Brainstorm AI conference in San Francisco. This is no ordinary dance; it's a high-stakes tango with digital shadows.
Phishing attacks are getting a face-lift, thanks to generative AI. These large language models have turned the digital world into a sprawling, exposed battleground. Meanwhile, the dark web's latest offering is hacker-targeted ChatGPT-like chatbots, spewing vector attacks with the same ease as spinning up casual chit-chat. The speed of generative AI's invasion into the market (and the underworld) has companies reeling, scrambling to grasp these AI-enabled attacks while juggling new defense tools and a whirlwind of policy and compliance issues.
“I feel for the CISOs of today,” muses Tatavarti. It’s not just about staying afloat; it’s about inventing new ways to surf these digital waves.
Tatavarti, alongside Itai Greenberg of Check Point and EY's Rodrigo Madanes, dove into the chaos at a strategy session. They explored the seismic shifts in cybersecurity, where generative AI is the epicenter. The CISO role, once a bastion of technical know-how, is morphing into a wild beast of policy-making and operational wizardry.
“The CISO’s role is incredibly challenging and evolving quickly,” Madanes points out. It’s no longer just about guarding the data; it’s about wrestling with conversational interfaces and tools so new, they’re practically sci-fi.
Greenberg chimes in, painting a picture of CISOs navigating a labyrinth of tools and data, setting up digital moats and drawbridges to keep the barbarians at bay.
The panel buzzed with the electric energy of a storm brewing on the horizon. Speculation flew about the CISO role splitting in two – one part operational maestro, the other a governance guru.
Ross Camp from Commvault dropped a bombshell, pointing to the personal criminal liabilities CISOs now face. The case of former SolarWinds CISO Timothy Brown, charged by the SEC, is just the tip of an iceberg in a sea of legal sharks.
As for battling generative AI with its own fire, Madanes admits the industry is just revving its engines. “We’re only starting to see the shape of these new attack vectors,” he says, hinting at a race to build, assess, and deploy commercial solutions.
Greenberg, the sage of the session, warns of the dangers of putting all eggs in one digital basket. “It’s not one system, not one product that can deal with this,” he cautions.
So, buckle up, cybernauts. The GenAI era is here, and it’s turning the cybersecurity world into a psychedelic, high-wire act, with CISOs walking the tightrope.