Open AI for Purposeful Cybersecurity

When I decided to write an article on this topic, it was brand new to the industry; but when this article is published it could be a familiar one. Yes, it’s none other than ChatGPT. It is OpenAI’s long-form question-answering AI that answers complex questions conversationally.

Most of us know what it is, but I would like to iterate on how we could effectively utilize ChatGPT for strengthening Cybersecurity and other business domains.

As ChatGPT is already being utilized by key IT business players for their internal business purposes, it is a proven fact that in a near future ChatGPT will be a common platform for most digital businesses. It could be serving as base platform for many businesses, the OEMs should ensure that the is product is fool-proof.

Fig 1.1 ChatGPT as common platform for all the domains

As we see in the above pictorial representation, it is possible that businesses across various domains start embedding ChatGPT as a service in various offerings which they give to their end customers. As a result of this, defects, bugs, or improper directions in the common platform will reflect in all the domains across businesses globally. The bugs and defects may be minor, but when a large number of customers use it, the impact could be exponentially massive. The impact of these defects may not be predictable and its consequences when cascaded to multiple levels will affect humans and potentially the environment too.

ChatGPT ingests vast volumes of data available which forms the basis of its responses. Thus, it can propagate human biases and discrimination.

Below are a few purposeful ways in which ChatGPT could be used

• To develop cybersecurity policies, scripts, and reports
• To identify the social engineering threats in conversations
• Could help developers in preparing the draft version of the code for requirements
• Could help in identifying, and preventing the cybersecurity attacks by analyzing large volumes of data
• Could be used to calculate the volume, scope, and type of the cyber attacks
• Could react to cyberattacks by disconnecting the key applications, systems, and servers involved in the attack
• Could give alarms to security teams, and groups on the potential suspect attacks
• Could be used in vulnerability testing, writing Firewall rules, and report generation among other things
• Could be used in proactive monitoring

• Since ChatGPT is still in training mode, the results provided are not completely reliable, and reacting or responding to completely new scenarios is questionable
• Extensive testing should be done before implementing open AI in domains like Banking, Healthcare, and cybersecurity, since minor gaps may lead to highly negative impacts/consequences

• Well-defined directions should be given to the integration platforms on how it could be used, implemented, and integrated for purposeful and safe utilization
• Segregation of duties on what to respond or assist to be clearly defined by the OEMs to avoid the OpenAI being used by hackers and malicious players
• Rules and regulations play a key role in bringing new product being used for constructive implementation

We all need to accept the fact that the pros and cons are equally distributed in all emerging technologies. How we use it makes all the difference. Let’s use it constructively and encourage others to do so.