Recently, the President issued a new Executive Order focused on Artificial intelligence. This represents a large step forward in placing guidance and bounds as AI is a nascent technology, and a critical step to ensure that technology is being utilized for the betterment of society and not for bad actions and crimes.
AI is being utilized by nation state and non-nation state actors to attack organizations and people. Network and infrastructure are being inundated by AI advancing sophistication of bot capability to penetrate and find new vulnerabilities. Phishing and scams are increasing in frequency and sophistication through use of AI—which results in stolen credentials, disruption of service or operations, theft or acquisition of critical data and PII. AI can be used to advance an attack vector—like Aaron Mulgrew wrote about when he used AI to create malware. AI is being used to help spread of misinformation, which in turn creates an environment where individuals and organizations can be placed in a vulnerable or urgent state to play into attack vectors.
It's critical to cybersecurity to ensure responsible and safe use of AI to stay ahead of crime, but AI tools and technology have also proven to be fallible, whether its AI hallucination that leads to misinformation or creating a tool that can inadvertently creates new cybersecurity threats—with really low cost barriers to execute.
A portion of the Executive Order is focused on creating tools, tests and standards around this emerging technology. There is protection today within AI tools and additional protections will be added as products advance, but there will always be an opportunity to misuse technology. The critical question to consider is will there be continuous efforts by the government to define what is and is not AI technology? Currently in the market, this capability is believed to be in the peak of hype cycle.
This Executive order has dictated several future efforts that will impact AI’s influence on cybersecurity:
While no timing has been set, these emerging efforts will have far reaching impact on cybersecurity both here and within global organizations. I intend to watch closely where these key efforts take action within agencies. Most importantly, this executive order is intended to protect critical operations that ensure safety and welfare of people and of democracy itself within cyberspace.
George Kamis is the Chief Technology Officer (CTO), Global Governments and Critical Infrastructure. He works closely with Information Assurance industry leaders, government executives, and the Forcepoint executive management team to help guide their long-term technology strategy and keeps it...
Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.