A recent study conducted by Corelight has revealed a lack of agreement among European IT leaders regarding the benefits of generative AI (GenAI) in the realm of cybersecurity. The survey, which involved 300 IT decision makers (ITDMs) from the UK, France, and Germany, resulted in the production of a report entitled “Generative AI in Security: Empowering or Divisive?”

The findings of the study indicated a mix of optimism and concern surrounding the technology. While 46% of respondents expressed interest in exploring ways to incorporate GenAI into their cybersecurity strategies, an almost equal number (44%) raised issues related to data exposure and organizational barriers that hinder the adoption of GenAI in cybersecurity practices. Additionally, 37% of participants expressed doubts about the safety of using GenAI in cybersecurity.

Security concerns surrounding the use of GenAI have been highlighted in various scenarios. For instance, Samsung prohibited the utilization of ChatGPT in 2023 after employees shared confidential meeting notes and source code with the tool. The possibility of sensitive customer data or intellectual property being accessed by unauthorized users through such tools presents inherent security, privacy, and compliance risks.

Despite these challenges, Corelight asserted that with the appropriate architecture that prioritizes privacy, both the GenAI tool and the underlying large language model (LLM) can overcome these obstacles. The company emphasized that their commercial network detection and response (NDR) product creates a “functional firewall” between customer data and GenAI features.

Ignacio Arnaldo, Corelight’s director of data science, believes that with advancements in model capabilities and privacy safeguards in LLM deployments, GenAI stands to play a pivotal role in security operations. He stated that as the models improve in reasoning capacity and cybersecurity expertise, GenAI is poised to become an essential component of cybersecurity operations.

According to the survey conducted by Corelight, 50% of ITDMs believe that GenAI’s most significant impact on cybersecurity lies in providing context and analysis for Security Operations (SecOps) teams. Other potential use cases identified by participants include maintaining compliance policies (41%), offering recommendations on domain-specific languages like identity and access management policies (36%), providing guidance on vulnerability mitigation (35%), and offering insights on network connections and processes (32%).

As the debate over the value and risks of GenAI in cybersecurity continues, it is apparent that a balanced approach that addresses security concerns while leveraging the technology’s potential benefits is crucial. The evolving landscape of cybersecurity threats necessitates innovative solutions, with GenAI poised to play a significant role in bolstering organizations’ defense mechanisms against malicious actors.

Source link