That didn't take long. https://twitter.com/mattshumer_/status/1679147813517631489/photo/1

cross-posted from: https://slrpnk.net/post/561959 > With as much as AI like chatGPT are used to aid in programming is anyone working on developing AI as an iterative attack surface to probe networks? > > There are some obvious ethical concerns, but I can see a future with AI red and blue team actors playing a substantial role in network security.

informationsecuritybuzz.com

cross-posted from: https://lemmy.pro/post/40179 > The rise of ChatGPT has been well-documented as a cybercrime gamechanger, democratizing highly advanced tactics, techniques, and procedures (TTPs) so average adversarial threat actors can increase lethality at low costs. Empowering run-of-the-mill hackers to continuously punch above their weight class will only continue to amplify the volume and velocity of attacks. heightening the importance of effective penetration testing programs that help mitigate the severe business impact of breaches. On average, victims lost a record-high $9.4 million per breach in 2022. > > Compounding the issue is a pattern of poor security posture across the public and private sectors. SANS 2022 Ethical Hacking Survey found that more than three-quarters of respondents indicated “only a few or some” organizations have effective Network Detection and Response (NDR) capabilities in place to stop an attack in real-time. Furthermore, nearly 50% said that most organizations are either moderately or highly incapable of detecting and preventing cloud- and application-specific breaches. It’s clear that more must be done to swing the balance of power away from adversaries. > > Enter penetration testing, which can provide unrivalled contextual awareness for refining cyber defences, threat remediation, and recovery processes within an overarching risk management architecture. For organizations implementing penetration testing programs at scale, keep the following fundamental tenets top of mind to maximize impact.

www.csoonline.com

cross-posted from: https://lemmy.pro/post/40180 > The rapid pace of change in AI makes it difficult to weigh the technology's risks and benefits and CISOs should not wait to take charge of the situation. Risks range from prompt injection attacks, data leakage, and governance and compliance. > > All AI projects have these issues to some extent, but the rapid growth and deployment of generative AI is stressing the limits of existing controls while also opening new lines of vulnerability. > > If market research is any indication of where the use of AI is going, CISOs can expect 70% of organizations to explore generative AI driven by the use of ChatGPT. Nearly all business leaders say their company is prioritizing at least one initiative related to AI systems in the near term, according to a May PricewaterhouseCoopers’ report.