Flamboyant GenAI is on a Tear

Posted on by Robert Ackerman

No question, there have been plenty of big improvements in the digital world over roughly the last decade or so. A list of improvements might include far more capable smartphones, 4G (and more recently 5G) networks, which allow users to do things never thought possible with their phones, the explosion of social media, the advent and spirited growth of electric vehicles, and the advancement and heightened value of AI.

Yet today’s hot ticket – generative AI, also known as GenAI -- is a fresh branch of artificial intelligence, one focused on generating new data based on existing data. Among other things, GenAI can substantially help sorely outgunned cybersecurity pros do a better job and also create new and original content, chat responses, designs and synthetic data. GenAI is particularly valuable in creative fields, including novel problem solving.

A subset of AI-powered machine learning, GenAI involves the use of algorithms that improve automatically by learning patterns from vast amounts of data. Perhaps the most significant advantage of GenAI in information and computer security is the reduced reliance on human analysis and intervention. This comes at a particularly good time – one in which the amount of data has simply become too large to screen manually.

This is not to say that GenAI doesn’t have some substantial flaws. When an algorithm comes across novel, unidentified threats that don’t fit into preexisting patterns, this could easily result in false positives. More important, GenAI has given rise to a new generation of cyberthreats. Hackers have already begun experimenting with GenAI and are finding new opportunities to exploit vulnerabilities. 

According to a recent survey of 650 senior cybersecurity professionals in the U.S. by Deep Instincts, a New York-based cybersecurity company that applies deep learning to cybersecurity, 46% believe GenAI will increase their organization’s vulnerability to attacks. And 86% of respondents who experienced an increase in attacks over the past 12 months blamed it on threat actors using GenAI.

The hope is that the good guys – corporations, other major organizations and the federal government – will outplay the bad guys, and, in fact, Gen AI can fortify business defense. Regardless, the dye is already cast. The Deep Instincts survey found that 69% of them have already adopted GenAI tools and say it is already improving productivity, collaboration, and morale.

In addition, of course, money talks. According to a report by Grand View Research, the GenAI global market was valued at $13 billion in 2023, and North America is the most dominant market. Grand View forecasts that the GenAI market will reach $109 billion by 2030 – a staggering compound annual growth rate of 35%.

Technology companies heavily steeped in the development of GenAI algorithms are the Who’s-Who of their industry. Startup OpenAI, heavily funded by Microsoft, is one of the leading players in GenAI.. The company is known for its ground-breaking language models, including GPT-3.

Other major GenAI players are Microsoft itself, Google parent Alphabet and Meta Platforms (formerly Facebook).

Microsoft is investing heavily in several GenAI startups in addition to OpenAI and in the summer announced Copilot, a GenAI feature for its productivity software used by enterprises. At $30 per user, the feature is meant to add value and enhance enterprise productivity.

Alphabet is also working on GenAI and has a chatbot, Bard, similar to Open AI’s ChatGPT – a tool that lets users enter prompts to receive humanlike images, text or videos.

Meta Platforms, meanwhile, recently released a GenAI model that can generate code from scratch based on text prompts and can also be used to debug code in an unusually timely manner.

Overall, here are some of the key benefits that enterprises can reap with an investment in GenAI.

+ Generation of attack simulations. GenAI can be used to generate realistic attack simulations to train security analysts and test the effectiveness of security systems. It can also automate the process of patching vulnerabilities in real time.

+ Improvement of threat detection. GenAI can analyze vast amounts of data to identify patterns and anomalies that may indicate cyberthreats or attacks. In particular, this helps in the early detection of suspicious activities, enabling cyber pros to respond proactively.

+ Automated response to threats. AI-driven security systems can autonomously respond to known threats and attacks, reducing the time it takes to mitigate them and freeing human experts to focus on more critical tasks.

+ Improvement of endpoint resilience. GenAI can accomplish this by identifying and patching vulnerabilities and by implementing security measures that block endpoint attacks in the first place.

Executives interested in adopting or enhancing GenAI should also proactively compel their cyber pros to analyze the possibility of cyberattacks from the start. Specifically, they should convene cybersecurity managers and others for a board-level discussion – one focused on evolving risks and how GenAI can address them.

What enterprises need not fret about is that GenAI might wind up replacing human workers and annoying cyber pros. While AI can process vast amounts of data and identity patterns that humans may miss, it cannot replace the value of human intuition and creativity in decision making. For all its prowess AI still cannot think independently – and maybe never will.


Robert Ackerman

Founder/Managing Director, AllegisCyber, AllegisCyber Capital

Machine Learning & Artificial Intelligence

artificial intelligence & machine learning hacktivism Advanced Threat Protection threat management security intelligence big data analytics threat visualization persistence

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs