How Are Security Professionals Managing the Good, The Bad and The Ugly of ChatGPT?

ChatGPT has emerged as a shining light in this regard.
Already we're seeing the platform being integrated into corporate systems, supporting in areas such as customer success or technical support.
The bad: The risks surrounding ChatGPT. Of course, there's always two sides to the same coin, and reasons for hesitancy around ChatGPT remain.
From security to data loss, several challenges are prevalent on the platform.
Further, the ability to verify and rely on the accuracy of data and subsequent outcomes that ChatGPT provides isn't certain.
ChatGPT is a learning platform - if it's fed bad data, it will produce bad data.
It's also important to recognise that ChatGPT itself already suffered a breach in 2023 due to a bug in an open-source library.
If an attacker is successful in infiltrating ChatGPT - something that can be achieved through potentially hidden vulnerabilities - they may in turn serve some malicious code through it, possibly affecting millions of users.
According to a survey of IT professionals from Blackberry, more than seven in 10 feel that foreign states are likely already to be using ChatGPT for malicious purposes against other nations.
There are a variety of ways in which adversaries can tap into intelligent AI platforms.
In the same way that customer service professionals may leverage the platform, threat actors can use it can make their phishing lures look more official and coherent.
In this sense, ChatGPT could democratise cybercrime in the same way that ransomware-as-a-service would - a reality that would lead to a massive spike in the volume of attacks we witness globally.
Of course, that's been hard to do - many people didn't even know what ChatGPT was at the start of the year.
ChatGPT will be key in unlocking user productivity and creativity.
OpenAI itself has recognised the importance of addressing security concerns in order to fulfil the platform's potential.
The company recently announced the rollout of ChatGPT enterprise, offering capabilities such as data encryption, and the promise that customer prompts and company data will not be used for training OpenAI models.
To effectively combat all risks, organisations should look to embracing a diverse suite of security tools to maximise protection.
Isolation can record data from sessions, allowing organisations to keep track of end-user policy violations in web logs on platforms like ChatGPT, such as the submitting of sensitive data.
Isolation is a key component capable of ensuring that ChatGPT is used in a secure manner, making it easier to enact key policies and processes.
Having worked for over 15 years for various tier 1 vendors who specialise in detection of inbound threats across web and email as well as data loss prevention, Brett joined Menlo Security in 2016 and discovered how isolation provides a new approach to solving the problems that detection-based systems continue to struggle with.


This Cyber News was published on www.cyberdefensemagazine.com. Publication date: Wed, 20 Dec 2023 06:13:04 +0000


Cyber News related to How Are Security Professionals Managing the Good, The Bad and The Ugly of ChatGPT?

How Are Security Professionals Managing the Good, The Bad and The Ugly of ChatGPT? - ChatGPT has emerged as a shining light in this regard. Already we're seeing the platform being integrated into corporate systems, supporting in areas such as customer success or technical support. The bad: The risks surrounding ChatGPT. Of course, ...
11 months ago Cyberdefensemagazine.com
XSS Marks the Spot: Digging Up Vulnerabilities in ChatGPT - With its widespread use among businesses and individual users, ChatGPT is a prime target for attackers looking to access sensitive information. In this blog post, I'll walk you through my discovery of two cross-site scripting vulnerabilities in ...
9 months ago Imperva.com
How enterprises are using gen AI to protect against ChatGPT leaks - ChatGPT is the new DNA of shadow IT, exposing organizations to new risks no one anticipated. Enterprise workers are gaining a 40% performance boost thanks to ChatGPT based on a recent Harvard University study. A second study from MIT discovered that ...
10 months ago Venturebeat.com
ChatGPT Extensions Could be Exploited to Steal Data and Sensitive Information - API security professionals Salt Security have released new threat research from Salt Labs highlighting critical security flaws within ChatGPT plugins, presenting a new risk for enterprises. Plugins provide AI chatbots like ChatGPT access and ...
8 months ago Itsecurityguru.org
Foreign states already using ChatGPT maliciously, UK IT leaders believe - Most UK IT leaders believe that foreign states are already using the ChatGPT chatbot for malicious purposes against other nations. That's according to a new study from BlackBerry, which surveyed 500 UK IT decision makers revealing that, while 60% of ...
1 year ago Csoonline.com
Are you sure you want to share that with ChatGPT? How Metomic helps stop data leaks - Open AI's ChatGPT is one of the most powerful tools to come along in a lifetime, set to revolutionize the way many of us work. Workers aren't content to wait until organizations work this question out, however: Many are already using ChatGPT and ...
9 months ago Venturebeat.com
Google Researchers' Attack Prompts ChatGPT to Reveal Its Training Data - A team of researchers primarily from Google's DeepMind systematically convinced ChatGPT to reveal snippets of the data it was trained on using a new type of attack prompt which asked a production model of the chatbot to repeat specific words forever. ...
11 months ago 404media.co
REVIEW: ISC2 CERTIFIED CLOUD SECURITY PROFESSIONAL CERTIFICATION - The Certified Cloud Security Professional is a highly respected cybersecurity certification that addresses the needs of professionals and employers for robust and adaptable cloud security expertise. As cyber threats continue to escalate, the demand ...
10 months ago Cybersecurity-insiders.com
ChatGPT Clone Apps Collecting Personal Data on iOS, Play Store - On Android devices, one of the apps analyzed by researchers has more than 100,000 downloads, tracks, and shares location data with ByteDance and Amazon, etc. ChatGPT, the AI software, has already taken the Internet by storm, and that is why ...
1 year ago Hackread.com
Researchers Uncover Simple Technique to Extract ChatGPT Training Data - Can getting ChatGPT to repeat the same word over and over again cause it to regurgitate large amounts of its training data, including personally identifiable information and other data scraped from the Web? The answer is an emphatic yes, according to ...
11 months ago Darkreading.com
Google to Announce Chat-GPT Rival On February 8 Event - There seems to be a lot of consternation on Google's part at the prospect of a showdown with ChatGPT on the February 8 event. The search giant has been making moves that suggest it is preparing to enter the market for large language models, where ...
1 year ago Cybersecuritynews.com
Locking Down ChatGPT: A User's Guide to Strengthening Account Security - OpenAI officials said that the user who reported his ChatGPT history was a victim of a compromised ChatGPT account, which resulted in the unauthorized logins. OpenAI has confirmed that the unauthorized logins originate from Sri Lanka, according to an ...
9 months ago Cysecurity.news
The Emergence of AI In the Enterprise: Know the Security Risks - As is often the case with any new, emerging technology, using AI comes with security risks, and it's essential to understand them and impose the proper guardrails around them to protect company, customer, and employee data. There are real, tangible ...
11 months ago Cyberdefensemagazine.com
Smashing Security podcast #307: ChatGPT and the Minister for Foreign Affairs Graham Cluley - Could a senior Latvian politician really be responsible for scamming hundreds of "Mothers-of-two" in the UK? And should we be getting worried about the AI wonder that is ChatGPT? All this and more is discussed in the latest edition of the "Smashing ...
1 year ago Grahamcluley.com
McCaffrey Joins 'ASTORS' Champion SIMS Software Board of Advisors - SIMS Software, the leading provider of security information management software to the government and defense industries - and the 2023 Platinum 'ASTORS' Award Champion for Best Security Workforce Management Solution, is delighted to announce that ...
9 months ago Americansecuritytoday.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
11 months ago Microsoft.com
IT and security professionals demand more workplace flexibility - The concept of Everywhere Work is now much broader, encompassing where, when, and how professionals get their work done - and flexibility has become a key workplace priority, according to Ivanti. Ivanti surveyed over 7,700 executive leaders, IT and ...
7 months ago Helpnetsecurity.com
Hangzhou's Cybersecurity Breakthrough: How ChatGPT Elevated Ransomware Resolution - The Chinese media reported on Thursday that local police have arrested a criminal gang from Hangzhou who are using ChatGPT for program optimization to carry out ransomware attacks for the purpose of extortion. An organization in the Shangcheng ...
10 months ago Cysecurity.news
OpenAI rolls out imperfect fix for ChatGPT data leak flaw - OpenAI has mitigated a data exfiltration bug in ChatGPT that could potentially leak conversation details to an external URL. According to the researcher who discovered the flaw, the mitigation isn't perfect, so attackers can still exploit it under ...
10 months ago Bleepingcomputer.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com
One Year of ChatGPT: Domains Evolved by Generative AI - ChatGPT has recently completed one year after its official launch. Since it introduced the world to the future, by showing what a human-AI interaction looks like, ChatGPT has eventually transformed the entire tech realm into a cultural phenomenon. ...
11 months ago Cysecurity.news
2024 brings changes in data security strategies - 2024 will be a revolutionary year for the data security landscape as Data Security Posture Management technology rapidly evolves to keep pace with the colossal amount of data being created, stored and shared within organizations and across business ...
11 months ago Helpnetsecurity.com
Why I Chose Google Bard to Help Write Security Policies - COMMENTARY. Ever since large language models like ChatGPT burst onto the scene a year ago, there have been a flurry of use cases for leveraging them in enterprise security environments. From the operational, such as analyzing logs, to assisting ...
11 months ago Darkreading.com
Gaining Insights on the Top Security Conferences - A Guide for CSOs - Are you a CSO looking for the best security events around the world? Well, you have come to the right place! This article is a guide to the top security conferences that offer essential security insights to help make informed decisions. Security ...
1 year ago Csoonline.com
2023 Cloud Security Report - Security concerns remain a critical barrier to cloud adoption, showing little signs of improvement in the perception of cloud security professionals. Cloud adoption is further inhibited by a number of related challenges that prevent the faster and ...
11 months ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)