From Theory to Practice: Insights from the Convergence of AI + Cybersecurity, Season 2

Season 2 of our web series, The Convergence of AI + Cybersecurity, has wrapped! We covered a lot of ground in chapters 4-6, discussing the ins and outs of the double-edged sword that is artificial intelligence.

Attendees had the opportunity to hear about AI's impact on cybercrime from the threat researcher who discovered FraudGPT, explore the role of human experts in deploying AI for cybersecurity with machine learning experts, and learn best practices for incorporating AI into an organization’s security strategy from the CISOs of top organizations.

If you weren’t able to make it, no problem! Below are some of the key takeaways from each session. You can also watch each of the webinars (along with chapters 1-3) in our Resource Center.

The first session in Season 2 began with Rakesh Krishnan, a Senior Threat Analyst at Netenrich, discussing how FraudGPT—a tool that allows for the creation of more convincing phishing emails and malware—is a significant concern due to its ability to bypass censorship. This means that it can generate content that would normally be blocked by other AI models, making it a powerful tool for cybercriminals.

"A person with zero technical background can make use of this platform for any kind of malicious activities," said Krishnan. He gave examples of how FraudGPT can be used to create phishing emails in any language, program malware, and facilitate business email compromise attacks. He also pointed out the potential for AI to be used in more nefarious ways, such as creating deepfake videos or images for extortion campaigns, identity theft, and reputation manipulation.

However, the speakers agreed that AI can also be used as a powerful tool for cybersecurity, creating a constant arms race between criminals and cybersecurity experts. Graham Cluley, a Security Analyst and host of the Smashing Security podcast, pointed out, "While AI enables criminals to do their bad stuff, it also enables experts to harness AI to detect threats, detect and predict patterns, and bolster defenses."

Despite the increasing use of AI in cybercrime, the speakers emphasized that vigilance and robust cybersecurity practices remain essential in protecting against these threats. This includes being aware of potential scams, regularly updating security measures, and ensuring that all staff are educated about the risks. "Make sure you've got a layered, strong cybersecurity defense for all of your organization to best protect yourself," said Krishnan. "AI is a tool. It can be used for good; it can be used for bad. Make sure that you've got it working on your side as well."

Watch Chapter 4 On-Demand →

One of the key points of discussion during Chapter 5 was the potential impact of AI on jobs within the cybersecurity field. The consensus among the panelists was that AI is not likely to eliminate jobs but instead will improve efficiency and productivity, thereby enhancing the employee experience for security professionals.

Sherri Leach, Deputy CISO at Ingersoll Rand, pointed out that because AI is taking care of “high-volume, low-value events,” it allows cybersecurity professionals to focus on more complex tasks that require a higher level of skill and creativity. "AI definitely has had a really positive impact on the cybersecurity workforce, and I think it does greatly assist in job satisfaction because we are doing things now that aren't as mundane," she said.

Luca Belli, founder of Sator Labs, agreed, noting that while AI can effectively handle certain tasks, it cannot fully mimic human creativity and intuition. He also stated that there is a significant human component in the development of AI systems, from data labeling to system integration, underlining the ongoing need for human expertise in the field.

The panelists also discussed the potential pitfalls and limitations of relying too heavily on AI in cybersecurity. Dan Shiebler, Head of Machine Learning at Abnormal, highlighted the importance of understanding the behavior of AI systems to avoid unexpected and negative outcomes. “Without taking a first-principles approach to understanding what your system is doing and then how to fix the gaps in its behavior and make improvements to it,” he said, “you can end up with a system that does things that you really, really don't expect.”

Sherri remarked that one major consequence of this is a high rate of false positives and false negatives, explaining, “Those are some of the things that could quite possibly come as a result of the system not being trained properly or not being supervised, or not validating the information.”

Watch Chapter 5 On-Demand →

The final chapter of Season 2 focused on ​​the tools modern CISOS are using to stay ahead of AI-powered threats and explored how enterprises can successfully adopt AI.

James Mackay, Interim CISO at Markel, explained the importance of determining which specific problems could be solved by AI and how. He said the approach should be asking, “What problem am I trying to solve, and how is AI going to add value to solving that problem?” rather than letting the fear of missing out (FOMO) drive unnecessary adoption.

The panelists also warned about the potential hazards and challenges of implementing AI in cybersecurity, including the risk of data misuse, model poisoning, and misunderstanding of AI capabilities. Additionally, they emphasized the need for security leaders to ask the right questions when evaluating AI technologies.

Ethan Steiger, CISO at Advance Auto Parts, mentioned, for example, inquiring about how AI models are trained and how the data is managed. “We have to ask how the LLMs are trained and who's training them. Are they public models? Will the data from our model end up in their model? These are all things that you now have to start asking about when you evaluate your security tech.”

Looking to the future, the panelists stressed the need for continued learning and consideration of new technologies as they emerge. Mick Leach, Abnormal’s Field CISO, advised security leaders to be proactive in keeping themselves abreast with the latest AI developments and open to innovation and emerging technology. “Take a meeting with a small disruptive startup, somebody that you've never heard of, and take a look and see what they're doing,” said Mick. “You may not buy it, but it'll at least help you understand where the innovation is going.”

Watch Chapter 6 On-Demand →

These summaries are just scratching the surface of what our speakers shared in their sessions. Every chapter in season 2 is packed to the brim with valuable insights on the transformative intersection of AI and cybersecurity and advice on how organizations can respond to the increasing surge of AI-generated threats.

All six chapters of the Convergence of AI + Cybersecurity series are available on demand, and each session is eligible for ISC2 credits. Be sure to keep an eye out for Season 3 later this year!