Over the past few months, I've had the opportunity to attend the BlackHat 2023 and RSA Conferences. When asked to summarize key takeaways from the sessions at both conferences, Generative AI in cybersecurity is a common theme that came into focus.
Most people relate Generative AI to its ability to generate text, images, and other media using a generative model (think ChatGPT). From a cybersecurity perspective, this technology holds a lot of promise, with solutions that include:
Anomaly detection models that identify suspicious activity in network traffic
Malware detection models that learn the characteristics of known malware and identify new threats
Incident response tools that use AI to automate tasks such as triage and remediation
Lastly, but most importantly, threat intelligence models that aggregate and analyze threat data from a variety of sources
BlackHat is also a time for new research to be disclosed, the most prominent being the Downfall series of attacks that involve the exploitation of CVE-2022-40982 relating to Intel processors.
There was a strong focus on policy-making, promoting conformity in thought and dismissing critical perspectives (traditionally, the hacking culture used to oppose this, yet now seems to embrace it). In my opinion, we need more hands-on technical people with industry experience (at scale) willing to wade into the kind of years-long deep policy work that none of us prefer over our technical work but that we still need to prioritize.
These “people” will come from the same background that I do: the “jack of all trades” IT manager who lacks a budget but performs the duties of System Administrator, Network Administrator, and Helpdesk Manager daily. The current climate is ideally suited for this sort of professional. Kembe Walden, Acting National Cyber Director, Executive Office of the President, said it's time for organizations to look past the standard, on-paper qualifications that traditionally define job searches.
Finally, BlackHat 2023 allowed us to catch up with some of our partners in person, including Qualys, CrowdStrike, and Wiz. We have active projects leveraging all three technologies, focused on deployments and integrations that will enhance our client's security posture.
If you are ready to learn how technologies like generative AI can enhance your cybersecurity program, reach out to us at sales@imaginexconsulting.com.